From 7c025c87c6e41d4df26df63ebd001b2df222bb85 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Tue, 29 Oct 2024 15:55:37 +0200 Subject: [PATCH 01/63] feat(CSI-300): add arm64 support --- .github/workflows/pull-request.yaml | 13 ++++++++----- .github/workflows/push-dev.yaml | 7 +++++++ .github/workflows/release.yaml | 5 +++++ README.md.gotmpl | 1 + 4 files changed, 21 insertions(+), 5 deletions(-) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index a03555814..58ac60d9d 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -32,6 +32,9 @@ jobs: fi # DOCKER BUILD & PUSH + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 - name: Login to Quay.io @@ -56,6 +59,7 @@ jobs: provenance: false # https://issues.redhat.com/browse/PROJQUAY-5013 quay doesn't support it build-args: | VERSION='${{ steps.auto_version.outputs.version }}' + platforms: linux/amd64,linux/arm64 # HELM - name: Get Helm chart version @@ -66,12 +70,11 @@ jobs: - name: Update Helm chart version uses: mikefarah/yq@master with: - cmd: | + cmd: | BASEDIR=charts/csi-wekafsplugin DRIVER_VERSION="$(echo ${{ steps.version.outputs.version }} | sed 's/^v//1')" CHART_VERSION="${{ steps.helm_version.outputs.helm_version }}" APP_VERSION="${{ steps.version.outputs.version }}" - yq -i '.version = "'$CHART_VERSION'"' $BASEDIR/Chart.yaml yq -i '.appVersion = "'$APP_VERSION'"' $BASEDIR/Chart.yaml yq -i '.sources[0] = "https://github.com/weka/csi-wekafs/tree/v$CHART_VERSION/charts/csi-wekafsplugin"' $BASEDIR/Chart.yaml @@ -88,7 +91,7 @@ jobs: options: -v ${{ github.workspace }}:/data run: | cd /data - helm-docs -s file -c charts -o ../../README.md -t ../README.md.gotmpl + helm-docs -s file -c charts -o ../../README.md -t ../README.md.gotmpl helm-docs -s file -c charts - name: Set up Helm @@ -142,7 +145,7 @@ jobs: S3_BUCKET_NAME=${{ secrets.S3_BUCKET_NAME }} URL="https://$S3_BUCKET_NAME.s3.$AWS_REGION.amazonaws.com" echo "filename=$FILENAME" >> $GITHUB_OUTPUT - echo "url=$URL" >> $GITHUB_OUTPUT + echo "url=$URL" >> $GITHUB_OUTPUT - name: Install AWS CLI id: install-aws-cli @@ -157,7 +160,7 @@ jobs: export AWS_SECRET_ACCESS_KEY="${{ secrets.AWS_SECRET_ACCESS_KEY}}" export AWS_REGION="${{ secrets.AWS_REGION }}" aws s3 cp ${{ steps.helm-package.outputs.filename }} "s3://${{ vars.AWS_BUCKET }}/" - echo "link=https://${{ vars.AWS_BUCKET }}.s3.${AWS_REGION}.amazonaws.com/${{ steps.helm-package.outputs.filename }}" >> $GITHUB_OUTPUT + echo "link=https://${{ vars.AWS_BUCKET }}.s3.${AWS_REGION}.amazonaws.com/${{ steps.helm-package.outputs.filename }}" >> $GITHUB_OUTPUT if: steps.helm-test.outputs.passed == 'true' - uses: rtCamp/action-slack-notify@v2 diff --git a/.github/workflows/push-dev.yaml b/.github/workflows/push-dev.yaml index 3165d6852..9a31da343 100644 --- a/.github/workflows/push-dev.yaml +++ b/.github/workflows/push-dev.yaml @@ -37,14 +37,19 @@ jobs: fi # DOCKER BUILD & PUSH + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + - name: Login to Quay.io uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} password: ${{ secrets.DOCKER_PASSWORD }} registry: quay.io + - name: Build and push uses: docker/build-push-action@v6 with: @@ -61,6 +66,7 @@ jobs: provenance: false # https://issues.redhat.com/browse/PROJQUAY-5013 quay doesn't support it build-args: | VERSION='${{ steps.auto_version.outputs.version }}' + platforms: linux/amd64,linux/arm64 # HELM - name: Get Helm chart version @@ -68,6 +74,7 @@ jobs: run: | out="$(echo "${{ steps.auto_version.outputs.version }}" | sed 's/^v//1')" echo "helm_version=$out" >> $GITHUB_OUTPUT + - name: Update Helm chart version uses: mikefarah/yq@master with: diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index 7d2af8653..acbfe93c9 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -133,7 +133,11 @@ jobs: cat changelog1 > charts/csi-wekafsplugin/CHANGELOG.md mv CHANGELOG.md RELEASE.md + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + - uses: docker/setup-buildx-action@v3 + - uses: docker/login-action@v3 with: username: ${{ secrets.DOCKER_USERNAME }} @@ -152,6 +156,7 @@ jobs: revision='${{ steps.set_version.outputs.version }}' build-args: | VERSION='${{ steps.set_version.outputs.version }}' + platforms: linux/amd64,linux/arm64 - name: helm-docs uses: addnab/docker-run-action@v3 diff --git a/README.md.gotmpl b/README.md.gotmpl index bb7e87288..ef6a3a47c 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -14,6 +14,7 @@ - Kubernetes cluster of version 1.20 or later is recommended. Minimum version is 1.17 - Access to terminal with `kubectl` installed - Weka system pre-configured and Weka client installed and registered in cluster for each Kubernetes node +- Both AMD64 and ARM64 platforms are supported ## Deployment - [Helm public repo](https://artifacthub.io/packages/helm/csi-wekafs/csi-wekafsplugin) (recommended) From 5c7c89f0efc36ff5fded4a0ba4716c4de63a80f4 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Thu, 31 Oct 2024 18:04:11 +0200 Subject: [PATCH 02/63] refactor(CSI-305): change mount Map logic for WEKAFS to align with NFS and support same fs name on SCMC --- pkg/wekafs/interfaces.go | 3 +- pkg/wekafs/nfsmount.go | 1 - pkg/wekafs/nfsmounter.go | 3 +- pkg/wekafs/utilities.go | 18 +++++++ pkg/wekafs/wekafsmount.go | 101 +++++++++++++++++++++++++----------- pkg/wekafs/wekafsmounter.go | 98 ++++++++++++++-------------------- 6 files changed, 131 insertions(+), 93 deletions(-) diff --git a/pkg/wekafs/interfaces.go b/pkg/wekafs/interfaces.go index d2c6a06d5..bb142eeec 100644 --- a/pkg/wekafs/interfaces.go +++ b/pkg/wekafs/interfaces.go @@ -32,9 +32,8 @@ type AnyMounter interface { getTransport() DataTransport } -type mountsMapPerFs map[string]AnyMount -type mountsMap map[string]mountsMapPerFs type nfsMountsMap map[string]int // we only follow the mountPath and number of references +type wekafsMountsMap map[string]int type DataTransport string type UnmountFunc func() diff --git a/pkg/wekafs/nfsmount.go b/pkg/wekafs/nfsmount.go index 7c8b617a4..fece0a20d 100644 --- a/pkg/wekafs/nfsmount.go +++ b/pkg/wekafs/nfsmount.go @@ -81,7 +81,6 @@ func (m *nfsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) e } refCount++ m.mounter.mountMap[m.getRefcountIdx()] = refCount - m.mounter.mountMap[m.getRefcountIdx()] = refCount logger.Trace(). Int("refcount", refCount). diff --git a/pkg/wekafs/nfsmounter.go b/pkg/wekafs/nfsmounter.go index ffec42cd2..2815f9986 100644 --- a/pkg/wekafs/nfsmounter.go +++ b/pkg/wekafs/nfsmounter.go @@ -100,10 +100,10 @@ func (m *nfsMounter) Mount(ctx context.Context, fs string, apiClient *apiclient. } func (m *nfsMounter) unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error { - opts := options options.setSelinux(m.getSelinuxStatus(ctx), MountProtocolNfs) options = options.AsNfs() options.Merge(options, m.exclusiveMountOptions) + log.Ctx(ctx).Trace().Strs("mount_options", options.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") mnt := m.NewMount(fsName, options).(*nfsMount) // since we are not aware of the IP address of the mount, we need to find the mount point by listing the mounts err := mnt.locateMountIP() @@ -112,7 +112,6 @@ func (m *nfsMounter) unmountWithOptions(ctx context.Context, fsName string, opti return err } - log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") return mnt.decRef(ctx) } diff --git a/pkg/wekafs/utilities.go b/pkg/wekafs/utilities.go index cdb3a7eb1..c708152e5 100644 --- a/pkg/wekafs/utilities.go +++ b/pkg/wekafs/utilities.go @@ -321,6 +321,24 @@ func GetMountIpFromActualMountPoint(mountPointBase string) (string, error) { } return "", errors.New("mount point not found") } +func GetMountContainerNameFromActualMountPoint(mountPointBase string) (string, error) { + file, err := os.Open("/proc/mounts") + if err != nil { + return "", errors.New("failed to open /proc/mounts") + } + defer func() { _ = file.Close() }() + scanner := bufio.NewScanner(file) + for scanner.Scan() { + fields := strings.Fields(scanner.Text()) + if len(fields) >= 4 && fields[2] == "wekafs" { + optionsString := fields[3] + mountOptions := NewMountOptionsFromString(optionsString) + containerName := mountOptions.getOptionValue("container_name") + return containerName, nil + } + } + return "", errors.New("mount point not found") +} func validateVolumeId(volumeId string) error { // Volume New format: diff --git a/pkg/wekafs/wekafsmount.go b/pkg/wekafs/wekafsmount.go index 28280a911..e48073b5a 100644 --- a/pkg/wekafs/wekafsmount.go +++ b/pkg/wekafs/wekafsmount.go @@ -14,6 +14,7 @@ import ( ) type wekafsMount struct { + mounter *wekafsMounter fsName string mountPoint string refCount int @@ -23,9 +24,13 @@ type wekafsMount struct { mountOptions MountOptions lastUsed time.Time allowProtocolContainers bool + containerName string } func (m *wekafsMount) getMountPoint() string { + if m.containerName != "" { + return fmt.Sprintf("%s-%s", m.mountPoint, m.containerName) + } return m.mountPoint } @@ -48,46 +53,83 @@ func (m *wekafsMount) isMounted() bool { return PathExists(m.getMountPoint()) && PathIsWekaMount(context.Background(), m.getMountPoint()) } +func (m *wekafsMount) getRefcountIdx() string { + return m.getMountPoint() + "^" + m.getMountOptions().String() +} + func (m *wekafsMount) incRef(ctx context.Context, apiClient *apiclient.ApiClient) error { logger := log.Ctx(ctx) - m.lock.Lock() - defer m.lock.Unlock() - if m.refCount < 0 { - logger.Error().Str("mount_point", m.getMountPoint()).Int("refcount", m.refCount).Msg("During incRef negative refcount encountered") - m.refCount = 0 // to make sure that we don't have negative refcount later + if m.mounter == nil { + logger.Error().Msg("Mounter is nil") + return errors.New("mounter is nil") + } + + m.mounter.lock.Lock() + defer m.mounter.lock.Unlock() + refCount, ok := m.mounter.mountMap[m.getRefcountIdx()] + if !ok { + refCount = 0 } - if m.refCount == 0 { + if refCount == 0 { if err := m.doMount(ctx, apiClient, m.getMountOptions()); err != nil { return err } - } else if !m.isMounted() { - logger.Warn().Str("mount_point", m.getMountPoint()).Int("refcount", m.refCount).Msg("Mount not exists although should!") + } + if refCount > 0 && !m.isMounted() { + logger.Warn().Str("mount_point", m.getMountPoint()).Int("refcount", refCount).Msg("Mount not exists although should!") if err := m.doMount(ctx, apiClient, m.getMountOptions()); err != nil { return err } - } - m.refCount++ - logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.getMountOptions().Strings()).Str("filesystem_name", m.fsName).Msg("RefCount increased") + refCount++ + m.mounter.mountMap[m.getRefcountIdx()] = refCount + logger.Trace(). + Int("refcount", refCount). + Strs("mount_options", m.getMountOptions().Strings()). + Str("filesystem_name", m.fsName). + Str("mount_point", m.getMountPoint()). + Msg("RefCount increased") return nil } func (m *wekafsMount) decRef(ctx context.Context) error { logger := log.Ctx(ctx) - m.lock.Lock() - defer m.lock.Unlock() - m.refCount-- - m.lastUsed = time.Now() - logger.Trace().Int("refcount", m.refCount).Strs("mount_options", m.getMountOptions().Strings()).Str("filesystem_name", m.fsName).Msg("RefCount decreased") - if m.refCount < 0 { - logger.Error().Int("refcount", m.refCount).Msg("During decRef negative refcount encountered") - m.refCount = 0 // to make sure that we don't have negative refcount later + if m.mounter == nil { + logger.Error().Msg("Mounter is nil") + return errors.New("mounter is nil") + } + m.mounter.lock.Lock() + defer m.mounter.lock.Unlock() + refCount, ok := m.mounter.mountMap[m.getRefcountIdx()] + if !ok { + logger.Error().Int("refcount", refCount).Str("mount_options", m.getMountOptions().String()).Str("mount_point", m.getMountPoint()).Msg("During decRef refcount not found") + refCount = 0 + } + if refCount < 0 { + logger.Error().Int("refcount", refCount).Msg("During decRef negative refcount encountered, probably due to failed unmount") } - if m.refCount == 0 { - if err := m.doUnmount(ctx); err != nil { - m.refCount++ // since we failed to unmount, we need to increase the refcount back to the original value + if refCount > 0 { + logger.Trace().Int("refcount", refCount).Strs("mount_options", m.getMountOptions().Strings()).Str("filesystem_name", m.fsName).Msg("RefCount decreased") + refCount-- + m.mounter.mountMap[m.getRefcountIdx()] = refCount + } + if refCount == 0 { + if m.isMounted() { + if err := m.doUnmount(ctx); err != nil { + return err + } + } + } + return nil +} + +func (m *wekafsMount) locateContainerName() error { + if m.containerName == "" { + containerName, err := GetMountContainerNameFromActualMountPoint(m.mountPoint) + if err != nil { return err } + m.containerName = containerName } return nil } @@ -114,7 +156,6 @@ func (m *wekafsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClien logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() mountToken := "" var mountOptionsSensitive []string - var localContainerName string if err := os.MkdirAll(m.getMountPoint(), DefaultVolumePermissions); err != nil { return err } @@ -141,26 +182,26 @@ func (m *wekafsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClien // if needed, add containerName to the mount string if apiClient != nil && len(containerPaths) > 1 { - localContainerName = apiClient.Credentials.LocalContainerName + m.containerName = apiClient.Credentials.LocalContainerName if apiClient.SupportsMultipleClusters() { - if localContainerName != "" { - logger.Info().Str("local_container_name", localContainerName).Msg("Local container name set by secrets") + if m.containerName != "" { + logger.Info().Str("local_container_name", m.containerName).Msg("Local container name set by secrets") } else { container, err := apiClient.GetLocalContainer(ctx, m.allowProtocolContainers) if err != nil || container == nil { logger.Warn().Err(err).Msg("Failed to determine local container, assuming default") } else { - localContainerName = container.ContainerName + m.containerName = container.ContainerName } } - if localContainerName != "" { + if m.containerName != "" { for _, p := range containerPaths { containerName := filepath.Base(filepath.Dir(p)) - if localContainerName == containerName { + if m.containerName == containerName { mountOptions.customOptions["container_name"] = mountOption{ option: "container_name", - value: localContainerName, + value: m.containerName, } break diff --git a/pkg/wekafs/wekafsmounter.go b/pkg/wekafs/wekafsmounter.go index 970e733c9..0c6434873 100644 --- a/pkg/wekafs/wekafsmounter.go +++ b/pkg/wekafs/wekafsmounter.go @@ -5,6 +5,7 @@ import ( "github.com/rs/zerolog/log" "github.com/wekafs/csi-wekafs/pkg/wekafs/apiclient" "k8s.io/mount-utils" + "strings" "sync" "time" ) @@ -14,7 +15,7 @@ const ( ) type wekafsMounter struct { - mountMap mountsMap + mountMap wekafsMountsMap lock sync.Mutex kMounter mount.Interface debugPath string @@ -33,7 +34,7 @@ func newWekafsMounter(driver *WekaFsDriver) *wekafsMounter { log.Debug().Msg("SELinux support is forced") selinuxSupport = &[]bool{true}[0] } - mounter := &wekafsMounter{mountMap: mountsMap{}, debugPath: driver.debugPath, selinuxSupport: selinuxSupport} + mounter := &wekafsMounter{mountMap: wekafsMountsMap{}, debugPath: driver.debugPath, selinuxSupport: selinuxSupport} mounter.gc = initInnerPathVolumeGc(mounter) mounter.schedulePeriodicMountGc() @@ -41,27 +42,20 @@ func newWekafsMounter(driver *WekaFsDriver) *wekafsMounter { } func (m *wekafsMounter) NewMount(fsName string, options MountOptions) AnyMount { - m.lock.Lock() if m.kMounter == nil { m.kMounter = mount.New("") } - if _, ok := m.mountMap[fsName]; !ok { - m.mountMap[fsName] = mountsMapPerFs{} - } - if _, ok := m.mountMap[fsName][options.AsMapKey()]; !ok { - uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) - wMount := &wekafsMount{ - kMounter: m.kMounter, - fsName: fsName, - debugPath: m.debugPath, - mountPoint: "/run/weka-fs-mounts/" + getAsciiPart(fsName, 64) + "-" + uniqueId, - mountOptions: options, - allowProtocolContainers: m.allowProtocolContainers, - } - m.mountMap[fsName][options.AsMapKey()] = wMount + uniqueId := getStringSha1AsB32(fsName + ":" + options.String()) + wMount := &wekafsMount{ + mounter: m, + kMounter: m.kMounter, + fsName: fsName, + debugPath: m.debugPath, + mountPoint: "/run/weka-fs-mounts/" + getAsciiPart(fsName, 64) + "-" + uniqueId, + mountOptions: options, + allowProtocolContainers: m.allowProtocolContainers, } - m.lock.Unlock() - return m.mountMap[fsName][options.AsMapKey()] + return wMount } func (m *wekafsMounter) getSelinuxStatus(ctx context.Context) bool { @@ -76,6 +70,7 @@ func (m *wekafsMounter) getSelinuxStatus(ctx context.Context) bool { func (m *wekafsMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { mountOptions.setSelinux(m.getSelinuxStatus(ctx), MountProtocolWekafs) mountObj := m.NewMount(fsName, mountOptions) + mountErr := mountObj.incRef(ctx, apiClient) if mountErr != nil { @@ -94,41 +89,34 @@ func (m *wekafsMounter) Mount(ctx context.Context, fs string, apiClient *apiclie } func (m *wekafsMounter) unmountWithOptions(ctx context.Context, fsName string, options MountOptions) error { - opts := options options.setSelinux(m.getSelinuxStatus(ctx), MountProtocolWekafs) + log.Ctx(ctx).Trace().Strs("mount_options", options.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") + mnt := m.NewMount(fsName, options).(*wekafsMount) - log.Ctx(ctx).Trace().Strs("mount_options", opts.Strings()).Str("filesystem", fsName).Msg("Received an unmount request") - if mnt, ok := m.mountMap[fsName][options.AsMapKey()]; ok { - err := mnt.decRef(ctx) - if err == nil { - if m.mountMap[fsName][options.AsMapKey()].getRefCount() <= 0 { - log.Ctx(ctx).Trace().Str("filesystem", fsName).Strs("mount_options", options.Strings()).Msg("This is a last use of this mount, removing from map") - delete(m.mountMap[fsName], options.String()) - } - if len(m.mountMap[fsName]) == 0 { - log.Ctx(ctx).Trace().Str("filesystem", fsName).Msg("No more mounts to filesystem, removing from map") - delete(m.mountMap, fsName) - } - } + err := mnt.locateContainerName() + if err != nil { + log.Ctx(ctx).Error().Err(err).Msg("Failed to locate containerName") return err - - } else { - log.Ctx(ctx).Warn().Msg("Attempted to access mount point which is not known to the system") - return nil } + + return mnt.decRef(ctx) } func (m *wekafsMounter) LogActiveMounts() { + m.lock.Lock() + defer m.lock.Unlock() if len(m.mountMap) > 0 { count := 0 - for fsName := range m.mountMap { - for mnt := range m.mountMap[fsName] { - mapEntry := m.mountMap[fsName][mnt] - if mapEntry.getRefCount() > 0 { - log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is active") + for refIndex := range m.mountMap { + if mapEntry, ok := m.mountMap[refIndex]; ok { + parts := strings.Split(refIndex, "^") + logger := log.With().Str("mount_point", parts[0]).Str("mount_options", parts[1]).Str("ref_index", refIndex).Int("refcount", mapEntry).Logger() + + if mapEntry > 0 { + logger.Trace().Msg("Mount is active") count++ } else { - log.Trace().Str("filesystem", fsName).Int("refcount", mapEntry.getRefCount()).Strs("mount_options", mapEntry.getMountOptions().Strings()).Msg("Mount is not active") + logger.Trace().Msg("Mount is not active") } } @@ -138,24 +126,18 @@ func (m *wekafsMounter) LogActiveMounts() { } func (m *wekafsMounter) gcInactiveMounts() { + m.lock.Lock() + defer m.lock.Unlock() if len(m.mountMap) > 0 { - for fsName := range m.mountMap { - for uniqueId, wekaMount := range m.mountMap[fsName] { - if wekaMount.getRefCount() == 0 { - if wekaMount.getLastUsed().Before(time.Now().Add(-inactiveMountGcPeriod)) { - m.lock.Lock() - if wekaMount.getRefCount() == 0 { - log.Trace().Str("filesystem", fsName).Strs("mount_options", wekaMount.getMountOptions().Strings()). - Time("last_used", wekaMount.getLastUsed()).Msg("Removing stale mount from map") - delete(m.mountMap[fsName], uniqueId) - } - m.lock.Unlock() - } + for refIndex := range m.mountMap { + if mapEntry, ok := m.mountMap[refIndex]; ok { + if mapEntry == 0 { + parts := strings.Split(refIndex, "^") + logger := log.With().Str("mount_point", parts[0]).Str("mount_options", parts[1]).Str("ref_index", refIndex).Logger() + logger.Trace().Msg("Removing inactive mount from map") + delete(m.mountMap, refIndex) } } - if len(m.mountMap[fsName]) == 0 { - delete(m.mountMap, fsName) - } } } } From e327c44a5585b0507113c73e1ca70a5e8c2f7247 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 3 Nov 2024 15:30:50 +0200 Subject: [PATCH 03/63] refactor(CSI-305): add localContainerName on NewMount --- pkg/wekafs/wekafsmount.go | 116 +++++++++++++++++++++--------------- pkg/wekafs/wekafsmounter.go | 6 +- 2 files changed, 73 insertions(+), 49 deletions(-) diff --git a/pkg/wekafs/wekafsmount.go b/pkg/wekafs/wekafsmount.go index e48073b5a..69f8ba990 100644 --- a/pkg/wekafs/wekafsmount.go +++ b/pkg/wekafs/wekafsmount.go @@ -152,70 +152,90 @@ func (m *wekafsMount) doUnmount(ctx context.Context) error { return err } -func (m *wekafsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error { +func (m *wekafsMount) ensureLocalContainerName(ctx context.Context, apiClient *apiclient.ApiClient) error { logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() - mountToken := "" - var mountOptionsSensitive []string - if err := os.MkdirAll(m.getMountPoint(), DefaultVolumePermissions); err != nil { + + // already set + if m.containerName != "" { + return nil + } + + // legacy flow + if apiClient == nil { + return nil + } + + // dev mode, no actual wekafs mount happens + if m.isInDevMode() { + logger.Trace().Msg("In dev mode, skipping container name check") + return nil + } + + // name explicitly set in secrets + m.containerName = apiClient.Credentials.LocalContainerName + if m.containerName != "" { + logger.Info().Str("local_container", m.containerName).Msg("Local container name set by secrets") + return nil + } + + if !apiClient.SupportsMultipleClusters() { + logger.Trace().Msg("Not a multiple cluster client, skipping container name check") + return nil + } + + logger.Trace().Msg("Ensuring local container name") + pattern := "/proc/wekafs/*/queue" + containerPaths, err := filepath.Glob(pattern) + if err != nil { + logger.Error().Err(err).Msg("Failed to fetch WekaFS containers on host, cannot mount filesystem without Weka container") return err + } else if len(containerPaths) == 0 { + logger.Error().Err(err).Msg("Failed to find active Weka container, cannot mount filesystem") + return errors.New("could not perform a mount since active Weka container was not found on host") } - if !m.isInDevMode() { - pattern := "/proc/wekafs/*/queue" - containerPaths, err := filepath.Glob(pattern) + + if len(containerPaths) > 0 { + container, err := apiClient.GetLocalContainer(ctx, m.allowProtocolContainers) if err != nil { - logger.Error().Err(err).Msg("Failed to fetch WekaFS containers on host, cannot mount filesystem without Weka container") + logger.Warn().Err(err).Msg("Failed to determine local container name via API") return err - } else if len(containerPaths) == 0 { - logger.Error().Err(err).Msg("Failed to find active Weka container, cannot mount filesystem") - return errors.New("could not perform a mount since active Weka container was not found on host") } + if container == nil { + logger.Warn().Err(err).Msg("Failed to determine local container name via API") + return errors.New("empty container returned from API") + } + m.containerName = container.ContainerName + logger.Debug().Str("container_name", m.containerName).Msg("Successfully determined local container name") + return nil + + } + return nil +} +func (m *wekafsMount) doMount(ctx context.Context, apiClient *apiclient.ApiClient, mountOptions MountOptions) error { + logger := log.Ctx(ctx).With().Str("mount_point", m.getMountPoint()).Str("filesystem", m.fsName).Logger() + var mountOptionsSensitive []string + if err := os.MkdirAll(m.getMountPoint(), DefaultVolumePermissions); err != nil { + return err + } + if !m.isInDevMode() { if apiClient == nil { - // this flow is relevant only for legacy volumes, will not work with SCMC + // this flow is relevant only for legacy volumes, will not work with SCMC / authenticated mounts / non-root org logger.Trace().Msg("No API client for mount, not requesting mount token") } else { - if mountToken, err = apiClient.GetMountTokenForFilesystemName(ctx, m.fsName); err != nil { + if mountToken, err := apiClient.GetMountTokenForFilesystemName(ctx, m.fsName); err != nil { return err + } else { + mountOptionsSensitive = append(mountOptionsSensitive, fmt.Sprintf("token=%s", mountToken)) } - mountOptionsSensitive = append(mountOptionsSensitive, fmt.Sprintf("token=%s", mountToken)) } - // if needed, add containerName to the mount string - if apiClient != nil && len(containerPaths) > 1 { - m.containerName = apiClient.Credentials.LocalContainerName - if apiClient.SupportsMultipleClusters() { - if m.containerName != "" { - logger.Info().Str("local_container_name", m.containerName).Msg("Local container name set by secrets") - } else { - container, err := apiClient.GetLocalContainer(ctx, m.allowProtocolContainers) - if err != nil || container == nil { - logger.Warn().Err(err).Msg("Failed to determine local container, assuming default") - } else { - m.containerName = container.ContainerName - } - - } - if m.containerName != "" { - for _, p := range containerPaths { - containerName := filepath.Base(filepath.Dir(p)) - if m.containerName == containerName { - mountOptions.customOptions["container_name"] = mountOption{ - option: "container_name", - value: m.containerName, - } - - break - } - } - - } else { - logger.Error().Err(errors.New("Could not determine container name, refer to documentation on handling multiple clusters clients with Kubernetes")).Msg("Failed to mount") - } - } + // if needed, add containerName to the mount options + if m.containerName != "" { + mountOptions = mountOptions.AddOption(fmt.Sprintf("container_name=%s", m.containerName)) } - logger.Trace().Strs("mount_options", m.getMountOptions().Strings()). - Fields(mountOptions).Msg("Performing mount") + logger.Trace().Strs("mount_options", mountOptions.Strings()).Msg("Performing mount") return m.kMounter.MountSensitive(m.fsName, m.getMountPoint(), "wekafs", mountOptions.Strings(), mountOptionsSensitive) } else { fakePath := filepath.Join(m.debugPath, m.fsName) diff --git a/pkg/wekafs/wekafsmounter.go b/pkg/wekafs/wekafsmounter.go index 0c6434873..29ad59754 100644 --- a/pkg/wekafs/wekafsmounter.go +++ b/pkg/wekafs/wekafsmounter.go @@ -69,7 +69,11 @@ func (m *wekafsMounter) getSelinuxStatus(ctx context.Context) bool { func (m *wekafsMounter) mountWithOptions(ctx context.Context, fsName string, mountOptions MountOptions, apiClient *apiclient.ApiClient) (string, error, UnmountFunc) { mountOptions.setSelinux(m.getSelinuxStatus(ctx), MountProtocolWekafs) - mountObj := m.NewMount(fsName, mountOptions) + mountObj := m.NewMount(fsName, mountOptions).(*wekafsMount) + + if err := mountObj.ensureLocalContainerName(ctx, apiClient); err != nil { + return "", err, func() {} + } mountErr := mountObj.incRef(ctx, apiClient) From 7efb4cd1245a1c8ac8bfbe42b9e9b5ed2aba9ed2 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 3 Nov 2024 16:26:36 +0200 Subject: [PATCH 04/63] refactor(CSI-305): cache containerName on API client object --- pkg/wekafs/apiclient/apiclient.go | 1 + pkg/wekafs/apiclient/cluster.go | 20 ++++++++++++++++++++ 2 files changed, 21 insertions(+) diff --git a/pkg/wekafs/apiclient/apiclient.go b/pkg/wekafs/apiclient/apiclient.go index 970c96c77..da6fea38f 100644 --- a/pkg/wekafs/apiclient/apiclient.go +++ b/pkg/wekafs/apiclient/apiclient.go @@ -75,6 +75,7 @@ type ApiClient struct { NfsInterfaceGroups map[string]*InterfaceGroup ApiUserRole ApiUserRole ApiOrgId int + containerName string } type ApiEndPoint struct { diff --git a/pkg/wekafs/apiclient/cluster.go b/pkg/wekafs/apiclient/cluster.go index bdfa4ecd3..dc83d8641 100644 --- a/pkg/wekafs/apiclient/cluster.go +++ b/pkg/wekafs/apiclient/cluster.go @@ -218,6 +218,26 @@ func (a *ApiClient) GetLocalContainer(ctx context.Context, allowProtocolContaine } } +func (a *ApiClient) EnsureLocalContainer(ctx context.Context, allowProtocolContainers bool) (string, error) { + // already have the container name set either via secret or via API call + if a.containerName != "" { + return a.containerName, nil + } + // if having a local container name set in secrets + if a.Credentials.LocalContainerName != "" { + a.containerName = a.Credentials.LocalContainerName + return a.containerName, nil + } + + // fetch the container name from the API + container, err := a.GetLocalContainer(ctx, allowProtocolContainers) + if err != nil { + return "", err + } + a.containerName = container.ContainerName + return a.containerName, nil +} + func filterFrontendContainers(ctx context.Context, hostname string, containerList []Container, allowProtocolContainers bool) []Container { logger := log.Ctx(ctx) var ret []Container From 492ef8a2a280ac30436906d3c366d76f4608c29f Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 3 Nov 2024 16:35:16 +0200 Subject: [PATCH 05/63] refactor(CSI-305): simplify EnsureLocalContainer for NewMount to avoid multiple API calls --- pkg/wekafs/wekafsmount.go | 41 +++------------------------------------ 1 file changed, 3 insertions(+), 38 deletions(-) diff --git a/pkg/wekafs/wekafsmount.go b/pkg/wekafs/wekafsmount.go index 69f8ba990..ade608e25 100644 --- a/pkg/wekafs/wekafsmount.go +++ b/pkg/wekafs/wekafsmount.go @@ -170,44 +170,9 @@ func (m *wekafsMount) ensureLocalContainerName(ctx context.Context, apiClient *a logger.Trace().Msg("In dev mode, skipping container name check") return nil } - - // name explicitly set in secrets - m.containerName = apiClient.Credentials.LocalContainerName - if m.containerName != "" { - logger.Info().Str("local_container", m.containerName).Msg("Local container name set by secrets") - return nil - } - - if !apiClient.SupportsMultipleClusters() { - logger.Trace().Msg("Not a multiple cluster client, skipping container name check") - return nil - } - - logger.Trace().Msg("Ensuring local container name") - pattern := "/proc/wekafs/*/queue" - containerPaths, err := filepath.Glob(pattern) - if err != nil { - logger.Error().Err(err).Msg("Failed to fetch WekaFS containers on host, cannot mount filesystem without Weka container") - return err - } else if len(containerPaths) == 0 { - logger.Error().Err(err).Msg("Failed to find active Weka container, cannot mount filesystem") - return errors.New("could not perform a mount since active Weka container was not found on host") - } - - if len(containerPaths) > 0 { - container, err := apiClient.GetLocalContainer(ctx, m.allowProtocolContainers) - if err != nil { - logger.Warn().Err(err).Msg("Failed to determine local container name via API") - return err - } - if container == nil { - logger.Warn().Err(err).Msg("Failed to determine local container name via API") - return errors.New("empty container returned from API") - } - m.containerName = container.ContainerName - logger.Debug().Str("container_name", m.containerName).Msg("Successfully determined local container name") - return nil - + var err error + if m.containerName, err = apiClient.EnsureLocalContainer(ctx, m.allowProtocolContainers); err != nil { + logger.Error().Err(err).Msg("Failed to ensure local container") } return nil } From 66a1a81fed5683b0774b3abbff0f70f3532290ab Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 3 Nov 2024 17:41:21 +0200 Subject: [PATCH 06/63] refactor(CSI-305): do not fill in containerName if cluster does not support it --- pkg/wekafs/apiclient/cluster.go | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/pkg/wekafs/apiclient/cluster.go b/pkg/wekafs/apiclient/cluster.go index dc83d8641..1afa90380 100644 --- a/pkg/wekafs/apiclient/cluster.go +++ b/pkg/wekafs/apiclient/cluster.go @@ -229,6 +229,11 @@ func (a *ApiClient) EnsureLocalContainer(ctx context.Context, allowProtocolConta return a.containerName, nil } + // if the cluster does not support multiple clusters, we must omit the container name since we can't pass it as a mount option + if !a.SupportsMultipleClusters() { + return a.containerName, nil + } + // fetch the container name from the API container, err := a.GetLocalContainer(ctx, allowProtocolContainers) if err != nil { @@ -253,7 +258,11 @@ func filterFrontendContainers(ctx context.Context, hostname string, containerLis continue } if container.State != "ACTIVE" || container.Status != "UP" { - logger.Trace().Str("container_hostname", container.Hostname).Msg("Skipping an INACTIVE container") + logger.Trace().Str("container_hostname", container.Hostname). + Str("container_state", container.State). + Str("container_status", container.Status). + Str("container_id", container.Id). + Msg("Skipping an INACTIVE container") continue } logger.Debug().Str("container_hostname", container.Hostname).Str("container_name", container.ContainerName).Msg("Found a valid container") From efd5d7d200acaa63266d3b69cc9b9a3d4bf8f070 Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 3 Nov 2024 18:01:04 +0200 Subject: [PATCH 07/63] refactor(CSI-305): ensure that containerName is taken from correct mount during umount --- pkg/wekafs/utilities.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pkg/wekafs/utilities.go b/pkg/wekafs/utilities.go index c708152e5..d237e0268 100644 --- a/pkg/wekafs/utilities.go +++ b/pkg/wekafs/utilities.go @@ -330,14 +330,14 @@ func GetMountContainerNameFromActualMountPoint(mountPointBase string) (string, e scanner := bufio.NewScanner(file) for scanner.Scan() { fields := strings.Fields(scanner.Text()) - if len(fields) >= 4 && fields[2] == "wekafs" { + if len(fields) >= 4 && fields[2] == "wekafs" && strings.HasPrefix(fields[1], mountPointBase) { optionsString := fields[3] mountOptions := NewMountOptionsFromString(optionsString) containerName := mountOptions.getOptionValue("container_name") return containerName, nil } } - return "", errors.New("mount point not found") + return "", errors.New(fmt.Sprintf("mount point not found: %s", mountPointBase)) } func validateVolumeId(volumeId string) error { From dbdd772a1990e8a5313cc06f760babadb6fe81ac Mon Sep 17 00:00:00 2001 From: Sergey Berezansky Date: Sun, 3 Nov 2024 18:22:15 +0200 Subject: [PATCH 08/63] tests(CSI-305): add tests for GetMountContainerNameFromActualMountPoint --- pkg/wekafs/utilities.go | 4 +- pkg/wekafs/utilities_test.go | 73 ++++++++++++++++++++++++++++++++++++ 2 files changed, 76 insertions(+), 1 deletion(-) create mode 100644 pkg/wekafs/utilities_test.go diff --git a/pkg/wekafs/utilities.go b/pkg/wekafs/utilities.go index d237e0268..65ac6830e 100644 --- a/pkg/wekafs/utilities.go +++ b/pkg/wekafs/utilities.go @@ -25,6 +25,8 @@ import ( const SnapshotTypeUnifiedSnap = "wekasnap/v2" +var ProcMountsPath = "/proc/mounts" + func generateInnerPathForDirBasedVol(dynamicVolPath, csiVolName string) string { requestedNameHash := getStringSha1(csiVolName) asciiPart := getAsciiPart(csiVolName, 64) @@ -322,7 +324,7 @@ func GetMountIpFromActualMountPoint(mountPointBase string) (string, error) { return "", errors.New("mount point not found") } func GetMountContainerNameFromActualMountPoint(mountPointBase string) (string, error) { - file, err := os.Open("/proc/mounts") + file, err := os.Open(ProcMountsPath) if err != nil { return "", errors.New("failed to open /proc/mounts") } diff --git a/pkg/wekafs/utilities_test.go b/pkg/wekafs/utilities_test.go new file mode 100644 index 000000000..2359a9af4 --- /dev/null +++ b/pkg/wekafs/utilities_test.go @@ -0,0 +1,73 @@ +package wekafs + +import ( + "github.com/stretchr/testify/assert" + "os" + "testing" +) + +func TestGetMountContainerNameFromActualMountPoint(t *testing.T) { + // Create a temporary file to mock /proc/mounts + tmpFile, err := os.CreateTemp("", "mounts") + assert.NoError(t, err) + defer os.Remove(tmpFile.Name()) + + // Write mock data to the temporary file + mockData := ` +dev/sdc1 /boot/efi vfat rw,relatime,fmask=0077,dmask=0077,codepage=437,iocharset=ascii,shortname=winnt,errors=remount-ro 0 0 +fusectl /sys/fs/fuse/connections fusectl rw,relatime 0 0 +binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc rw,relatime 0 0 +/etc/auto.misc /misc autofs rw,relatime,fd=7,pgrp=2304,timeout=300,minproto=5,maxproto=5,indirect,pipe_ino=34520 0 0 +-hosts /net autofs rw,relatime,fd=13,pgrp=2304,timeout=300,minproto=5,maxproto=5,indirect,pipe_ino=36373 0 0 +/etc/auto.weka-smb /wekasmb autofs rw,relatime,fd=19,pgrp=2304,timeout=300,minproto=5,maxproto=5,indirect,pipe_ino=34528 0 0 +/etc/auto.weka-smb /wekasmb-persistent autofs rw,relatime,fd=25,pgrp=2304,timeout=0,minproto=5,maxproto=5,indirect,pipe_ino=34531 0 0 +/etc/auto.weka-kw /wekakwfs autofs rw,relatime,fd=31,pgrp=2304,timeout=300,minproto=5,maxproto=5,indirect,pipe_ino=34535 0 0 +/etc/auto.weka-kw /wekakwfs-persistent autofs rw,relatime,fd=37,pgrp=2304,timeout=0,minproto=5,maxproto=5,indirect,pipe_ino=35191 0 0 +tmpfs /run/user/0 tmpfs rw,nosuid,nodev,relatime,size=2238124k,mode=700 0 0 +10.108.97.126/default /mnt/weka wekafs rw,relatime,writecache,inode_bits=auto,readahead_kb=32768,dentry_max_age_positive=1000,dentry_max_age_negative=0,container_name=client 0 0 +10.108.97.126/default /mnt/weka wekafs rw,relatime,writecache,inode_bits=auto,readahead_kb=32768,dentry_max_age_positive=1000,dentry_max_age_negative=0,container_name=client 0 0 +default /run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKST-42b24381dc12client wekafs rw,relatime,writecache,inode_bits=auto,readahead_kb=32768,dentry_max_age_positive=1000,dentry_max_age_negative=0,container_name=42b24381dc12client 0 0 +default /run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKKK wekafs rw,relatime,writecache,inode_bits=auto,readahead_kb=32768,dentry_max_age_positive=1000,dentry_max_age_negative=0 0 0 +default /run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKSS wekafs rw,relatime,writecache,inode_bits=auto,readahead_kb=32768,dentry_max_age_positive=1000,dentry_max_age_negative=0,container_name=containername 0 0 +default /run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKAA-mystrangeclient wekafs rw,relatime,writecache,inode_bits=auto,readahead_kb=32768,dentry_max_age_positive=1000,dentry_max_age_negative=0 0 0 + +` + _, err = tmpFile.WriteString(mockData) + assert.NoError(t, err) + tmpFile.Close() + + // Redirect the function to read from the temporary file + originalProcMountsPath := ProcMountsPath + defer func() { ProcMountsPath = originalProcMountsPath }() + ProcMountsPath = tmpFile.Name() + + // Call the function and check the result + containerName, err := GetMountContainerNameFromActualMountPoint("/mnt/weka") + assert.NoError(t, err) + assert.Equal(t, "client", containerName) + + containerName, err = GetMountContainerNameFromActualMountPoint("/run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKST-42b24381dc12client") + assert.NoError(t, err) + assert.Equal(t, "42b24381dc12client", containerName) + + containerName, err = GetMountContainerNameFromActualMountPoint("/run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKKK") + assert.NoError(t, err) + assert.Equal(t, "", containerName) + + containerName, err = GetMountContainerNameFromActualMountPoint("/run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKSS") + assert.NoError(t, err) + assert.Equal(t, "containername", containerName) + + containerName, err = GetMountContainerNameFromActualMountPoint("/run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKSS-NONEXISTENT") + assert.Error(t, err) + assert.Equal(t, "", containerName) + + containerName, err = GetMountContainerNameFromActualMountPoint("/run/weka-fs-mounts/default-DTQLAJ6KO6IUCZE23RBIM26YYUQNWKAA-mystrangeclient") + assert.NoError(t, err) + assert.Equal(t, "", containerName) + + containerName, err = GetMountContainerNameFromActualMountPoint("/run/weka-fs-mounts/default-NONEXISTENT") + assert.Error(t, err) + assert.Equal(t, "", containerName) + +} From 9ea969bd9b5c885e89470d6790286a21f6df7b24 Mon Sep 17 00:00:00 2001 From: Weka CSI Bot Date: Thu, 7 Nov 2024 10:25:54 +0000 Subject: [PATCH 09/63] chore: autopublish 2024-11-07T10:25:54Z --- README.md | 7 ++++--- charts/csi-wekafsplugin/Chart.yaml | 4 ++-- charts/csi-wekafsplugin/README.md | 6 +++--- charts/csi-wekafsplugin/values.yaml | 2 +- 4 files changed, 10 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index f810d9b9e..d6c462d37 100644 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # CSI WekaFS Driver Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem -![Version: 2.5.1-SNAPSHOT.41.bddf9ed](https://img.shields.io/badge/Version-2.5.1--SNAPSHOT.41.bddf9ed-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.5.1-SNAPSHOT.41.bddf9ed](https://img.shields.io/badge/AppVersion-v2.5.1--SNAPSHOT.41.bddf9ed-informational?style=flat-square) +![Version: 2.5.1-SNAPSHOT.44.0a35d77](https://img.shields.io/badge/Version-2.5.1--SNAPSHOT.44.0a35d77-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.5.1-SNAPSHOT.44.0a35d77](https://img.shields.io/badge/AppVersion-v2.5.1--SNAPSHOT.44.0a35d77-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) @@ -18,6 +18,7 @@ https://github.com/weka/csi-wekafs - Kubernetes cluster of version 1.20 or later is recommended. Minimum version is 1.17 - Access to terminal with `kubectl` installed - Weka system pre-configured and Weka client installed and registered in cluster for each Kubernetes node +- Both AMD64 and ARM64 platforms are supported ## Deployment - [Helm public repo](https://artifacthub.io/packages/helm/csi-wekafs/csi-wekafsplugin) (recommended) @@ -44,7 +45,7 @@ make build |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.5.1-SNAPSHOT.41.bddf9ed"` | CSI driver version | +| csiDriverVersion | string | `"2.5.1-SNAPSHOT.44.0a35d77"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | @@ -53,7 +54,7 @@ make build | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.5.1-SNAPSHOT.41.bddf9ed"` | CSI driver tag | +| images.csidriverTag | string | `"2.5.1-SNAPSHOT.44.0a35d77"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/Chart.yaml b/charts/csi-wekafsplugin/Chart.yaml index c07a95245..11c0da3b7 100644 --- a/charts/csi-wekafsplugin/Chart.yaml +++ b/charts/csi-wekafsplugin/Chart.yaml @@ -10,8 +10,8 @@ sources: home: https://github.com/weka/csi-wekafs icon: https://weka.github.io/csi-wekafs/logo.png type: application -version: 2.5.1-SNAPSHOT.41.bddf9ed -appVersion: v2.5.1-SNAPSHOT.41.bddf9ed +version: 2.5.1-SNAPSHOT.44.0a35d77 +appVersion: v2.5.1-SNAPSHOT.44.0a35d77 keywords: [storage, filesystem, HPC] annotations: artifacthub.io/category: "storage" diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index d67bafbbb..3ddf2b028 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -3,7 +3,7 @@ Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) [![Artifact HUB](https://img.shields.io/endpoint?url=https://artifacthub.io/badge/repository/csi-wekafs)](https://artifacthub.io/packages/search?repo=csi-wekafs) -![Version: 2.5.1-SNAPSHOT.41.bddf9ed](https://img.shields.io/badge/Version-2.5.1--SNAPSHOT.41.bddf9ed-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.5.1-SNAPSHOT.41.bddf9ed](https://img.shields.io/badge/AppVersion-v2.5.1--SNAPSHOT.41.bddf9ed-informational?style=flat-square) +![Version: 2.5.1-SNAPSHOT.44.0a35d77](https://img.shields.io/badge/Version-2.5.1--SNAPSHOT.44.0a35d77-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.5.1-SNAPSHOT.44.0a35d77](https://img.shields.io/badge/AppVersion-v2.5.1--SNAPSHOT.44.0a35d77-informational?style=flat-square) ## Homepage https://github.com/weka/csi-wekafs @@ -52,7 +52,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs |-----|------|---------|-------------| | dynamicProvisionPath | string | `"csi-volumes"` | Directory in root of file system where dynamic volumes are provisioned | | csiDriverName | string | `"csi.weka.io"` | Name of the driver (and provisioner) | -| csiDriverVersion | string | `"2.5.1-SNAPSHOT.41.bddf9ed"` | CSI driver version | +| csiDriverVersion | string | `"2.5.1-SNAPSHOT.44.0a35d77"` | CSI driver version | | images.livenessprobesidecar | string | `"registry.k8s.io/sig-storage/livenessprobe:v2.14.0"` | CSI liveness probe sidecar image URL | | images.attachersidecar | string | `"registry.k8s.io/sig-storage/csi-attacher:v4.7.0"` | CSI attacher sidecar image URL | | images.provisionersidecar | string | `"registry.k8s.io/sig-storage/csi-provisioner:v5.1.0"` | CSI provisioner sidecar image URL | @@ -61,7 +61,7 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs | images.snapshottersidecar | string | `"registry.k8s.io/sig-storage/csi-snapshotter:v8.1.0"` | CSI snapshotter sidecar image URL | | images.nodeinfo | string | `"quay.io/weka.io/csi-wekafs"` | CSI nodeinfo sidecar image URL, used for reading node metadata | | images.csidriver | string | `"quay.io/weka.io/csi-wekafs"` | CSI driver main image URL | -| images.csidriverTag | string | `"2.5.1-SNAPSHOT.41.bddf9ed"` | CSI driver tag | +| images.csidriverTag | string | `"2.5.1-SNAPSHOT.44.0a35d77"` | CSI driver tag | | imagePullSecret | string | `""` | image pull secret required for image download. Must have permissions to access all images above. Should be used in case of private registry that requires authentication | | globalPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for all CSI driver components | | controllerPluginTolerations | list | `[{"effect":"NoSchedule","key":"node-role.kubernetes.io/master","operator":"Exists"}]` | Tolerations for CSI controller component only (by default same as global) | diff --git a/charts/csi-wekafsplugin/values.yaml b/charts/csi-wekafsplugin/values.yaml index 7356b3cb8..82efcb939 100644 --- a/charts/csi-wekafsplugin/values.yaml +++ b/charts/csi-wekafsplugin/values.yaml @@ -5,7 +5,7 @@ dynamicProvisionPath: "csi-volumes" # -- Name of the driver (and provisioner) csiDriverName: "csi.weka.io" # -- CSI driver version -csiDriverVersion: &csiDriverVersion 2.5.1-SNAPSHOT.41.bddf9ed +csiDriverVersion: &csiDriverVersion 2.5.1-SNAPSHOT.44.0a35d77 images: # -- CSI liveness probe sidecar image URL livenessprobesidecar: registry.k8s.io/sig-storage/livenessprobe:v2.14.0 From ac825070bd7c77a90e9dfdb5ade428d7f5fa1288 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:19:03 +0200 Subject: [PATCH 10/63] Add Storage class configurations file --- docs/storage-class-configurations.md | 363 +++++++++++++++++++++++++++ 1 file changed, 363 insertions(+) create mode 100644 docs/storage-class-configurations.md diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md new file mode 100644 index 000000000..462fa76cc --- /dev/null +++ b/docs/storage-class-configurations.md @@ -0,0 +1,363 @@ +# Storage class configurations + +The Weka CSI Plugin supports the following persistent volume types: + +* **Dynamic:** Persistent Volume Claim (PVC). +* **Static:** Persistent Volume (PV). + +The Weka CSI Plugin communicates with the WEKA cluster using REST API, leveraging this integration to provide extended capabilities, such as strictly enforcing volume capacity usage through integration with filesystem directory quota functionality. For details, see [Quota management](../../weka-filesystems-and-object-stores/quota-management/). + +Starting from CSI Plugin **v2.0,** three StorageClass configurations are available: + +* Directory-backed StorageClass +* Snapshot-backed StorageClass +* Filesystem-backed StorageClass + +## API-based communication model + +In the API-based model, the API endpoint addresses and authentication credentials must be provided to the WEKA CSI Plugin to establish a REST API connection with the WEKA cluster and perform configuration tasks. + +The information is stored securely in [Kubernetes secret](https://kubernetes.io/docs/concepts/configuration/secret/), referred to by the Storage Class. + +Adhere to the following: + +* The configuration described in this section applies to WEKA CSI Plugin version **0.8.4** and higher. To get all features, WEKA CSI Plugin version **2.0** is required. +* Directory quota integration requires WEKA cluster version **3.13.0** and higher. +* Snapshot quota integration requires WEKA cluster version **4.2** and higher. +* Authenticated mounts for filesystems set with `auth-required=true`, and filesystems in the non-root organization, require WEKA cluster version **3.14.0** and higher. + +{% hint style="info" %} +The legacy communication model is deprecated and will be removed in the next release. If you are using the legacy communication model, replacing it with the API-based one is recommended. +{% endhint %} + +## Prerequisites + +* To provision any persistent volume type, a Storage Class must exist in Kubernetes deployment that matches the secret name and namespace in the WEKA cluster configuration. +* For directory-backed and snapshot-backed storage class configurations, a filesystem must be pre-created on the WEKA cluster to create PVCs. +* For the filesystem-backed StorageClass configuration, the filesystem name is generated automatically based on the PVC name, but the filesystem group name must be declared in the Storage Class configuration. + +## Configure secret data + +1. Create a secret data file (see the following example). + +
+ +Example: csi-wekafs-api-secret.yaml file + +{% code title="csi-wekafs/examples/dynamic_api/csi-wekafs-api-secret.yaml" %} +``` +apiVersion: v1 +kind: Secret +metadata: + name: csi-wekafs-api-secret + namespace: csi-wekafs +type: Opaque +data: + # A username to connect to the cluster API (base64-encoded) + username: YWRtaW4= + # A password to connect to the cluster API (base64-encoded) + password: YWRtaW4= + # An organization to connect to (default Root, base64-encoded) + organization: Um9vdA== + # A comma-separated list of cluster management endpoints. Format: (base64-encoded) + # It is recommended to configure at least 2 management endpoints (cluster backend nodes), or a load-balancer if used + # e.g. 172.31.15.113:14000,172.31.12.91:14000 + endpoints: MTcyLjMxLjQxLjU0OjE0MDAwLDE3Mi4zMS40Ny4xNTI6MTQwMDAsMTcyLjMxLjM4LjI1MDoxNDAwMCwxNzIuMzEuNDcuMTU1OjE0MDAwLDE3Mi4zMS4zMy45MToxNDAwMCwxNzIuMzEuMzguMTU1OjE0MDAwCg== + # protocol to use for API connection (may be either http or https, base64-encoded) + scheme: aHR0cA== + # for multiple clusters setup, set a specific container name (base64-encoded) + localContainerName: "" + # for cloud deployments with automatic healing and auto-scaling, set to "true" to enable automatic updates of the endpoints. + # The API endpoints will be updated automatically on first connection to the cluster API, as well as on each re-login + # maybe either (true/false), base64-encoded + # NOTE: if a load balancer is used to access the cluster API, leave this setting as "false" + autoUpdateEndpoints: ZmFsc2U= + # It is recommended to configure all NFS server IP addresses to better share the load/balance the traffic. + # NOTE: this setting is optional and should be used only when the NFS Group IP addresses are not set in the cluster + # WARNING: providing a load balancer IP address that uses NFS connection redirects (also known as `referrals`) to other servers is not supported. + # e.g. 10.100.100.1,10.100.100.2 + nfsTargetIps: "" + # When using HTTPS connection and self-signed or untrusted certificates, provide a CA certificate in PEM format, base64-encoded + # for cloud deployments or other scenarios where setting an NFS Group IP addresses is not possible, + # provide a comma-separated list of NFS target IP addresses in form of (base64-encoded) + # caCertificate: + caCertificate: "" + +``` +{% endcode %} + +
+ +2. Apply the secret data and validate it is created successfully. + +
+ +Apply the yaml file + +``` +# apply the secret .yaml file +$ kubectl apply -f csi-wekafs-api-secret.yaml + +# Check the secret was successfully created +$ kubectl get secret csi-wekafs-api-secret -n csi-wekafs +NAME TYPE DATA AGE +csi-wekafs-api-secret Opaque 5 7m +``` + +
+ +{% hint style="info" %} +To provision CSI volumes on filesystems residing in non-root organizations or filesystems, set with `auth-required=true`. A CSI Plugin of version **0.8.4** and higher and WEKA cluster version **3.14** and higher are required. +{% endhint %} + +#### Secret data parameters + +All values in the secret data file must be in base64-encoded format. + +
KeyDescriptionComments
usernameThe user name for API access to the WEKA cluster.

To run the CSI Plugin in a non-default organization, OrgAdmin permission is required. In other cases, ClusterAdmin permission is required.

It is recommended that you create a separate user for the CSI Plugin. See user-management.

passwordThe user password for API access to the WEKA cluster.
organizationThe WEKA organization name for the user.
For a single organization, use Root.		You can use multiple secrets to access multiple organizations, which are specified in different storage classes.
schemeThe URL scheme that is used for communicating with the WEKA cluster API.http or https can be used. The user must ensure that the Weka cluster was configured to use the same connection scheme.
endpoints

Comma-separated list of endpoints consisting of IP address and port. For example,

172.31.15.113:14000,172.31.12.91:14000

For redundancy, specify the management IP addresses of at least 2 backend servers.
localContainerNameWEKA client container name for the client connected to the relevant WEKA cluster.
Only required when connecting a K8s worker node to multiple WEKA clusters.
For a single cluster, do not set this parameter.

All local container names relevant to a specific WEKA cluster must be the same across all k8s worker nodes.

For details, see Connect k8s worker nodes to multiple WEKA clusters

autoUpdateEndpointsSpecify whether the WEKA CSI Plugin performs automatic periodic updates of API endpoints (true or false).

In cloud-based clusters with automatic scaling and healing, the IP addresses of management containers can change over time. To prevent losing API connectivity, the plugin can automatically retrieve all management container IP addresses from the cluster at login.

If using an external load balancer, set this option to false.

nfsTargetIpsA comma-separated list of IP addresses to use when publishing volumes over NFS.Normally, the system automatically retrieves IP addresses from the interface group defined on the WEKA cluster, leaving this parameter empty. However, if no Virtual IP addresses are set on the interface group (for example, in cloud environments), manually provide the IP addresses in this parameter.
caCertificatecustom CA certificate used to generate the HTTPS certificate for the WEKA cluster. The certificate must be in PEM format and Base64-encoded. As of WEKA version 4.3.0, HTTPS communication is mandatory. To ensure a secure connection without bypassing certificate checks, it's recommended to provide the certificate file within a secret.
+ +## Connect K8s worker nodes to multiple WEKA clusters + +A single K8s worker node can be connected to multiple WEKA clusters (maximum 7 clusters) simultaneously. + +

k8s worker nodes connected to multiple WEKA clusters

+ +#### Procedure + +1. For each k8s worker node, create a number of WEKA client containers according to the number of clusters you want to connect to.\ + The WEKA client container name must be according to the WEKA cluster that is connected to. For example, to connect to 7 WEKA clusters, it is required to create 7 WEKA client containers named client 1, client 2, and so on. +2. Create secret data files for each WEKA cluster. In the `localContainerName` set the relevant client container name. For example, for client 1 set the name of the client container connected to cluster 1. +3. Configure storage classes using the relevant secret data file. + +{% hint style="info" %} +Filesystem names used for k8s (defined in the storage classes) must be unique across all clusters. +{% endhint %} + +**Related topic** + +[mount-filesystems-from-multiple-clusters-on-a-single-client.md](../../weka-filesystems-and-object-stores/mounting-filesystems/mount-filesystems-from-multiple-clusters-on-a-single-client.md "mention") + +## Configure directory-backed StorageClass + +1. Create a directory-backed storage class yaml file (see the following example). + +
+ +Example: storageclass-wekafs-dir-api.yaml + +{% code title="csi-wekafs/examples/dynamic_api/storageclass-wekafs-dir-api.yaml" %} +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: storageclass-wekafs-dir-api +provisioner: csi.weka.io +reclaimPolicy: Delete +volumeBindingMode: Immediate +allowVolumeExpansion: true +parameters: + volumeType: dir/v1 + filesystemName: default + capacityEnforcement: HARD + # optional parameters setting UID, GID and permissions on volume + # UID of the volume owner, default 0 (root) + #ownerUid: "1000" + # GID of the volume owner, default 0 (root) + #ownerGid: "1000" + # permissions in Unix octal format, default "0750" + #permissions: "0775" + # name of the secret that stores API credentials for a cluster + # change the name of secret to match secret of a particular cluster (if you have several Weka clusters) + csi.storage.k8s.io/provisioner-secret-name: &secretName csi-wekafs-api-secret + # change the name of the namespace in which the cluster API credentials + csi.storage.k8s.io/provisioner-secret-namespace: &secretNamespace csi-wekafs + # do not change anything below this line, or set to same parameters as above + csi.storage.k8s.io/controller-publish-secret-name: *secretName + csi.storage.k8s.io/controller-publish-secret-namespace: *secretNamespace + csi.storage.k8s.io/controller-expand-secret-name: *secretName + csi.storage.k8s.io/controller-expand-secret-namespace: *secretNamespace + csi.storage.k8s.io/node-stage-secret-name: *secretName + csi.storage.k8s.io/node-stage-secret-namespace: *secretNamespace + csi.storage.k8s.io/node-publish-secret-name: *secretName + csi.storage.k8s.io/node-publish-secret-namespace: *secretNamespace + +``` +{% endcode %} + +
+ +2. Apply the directory-backed storage class and validate it is created successfully. + +
+ +Apply the yaml file + +``` +# apply the storageclass .yaml file +$ kubectl apply -f storageclass-wekafs-dir-api.yaml +storageclass.storage.k8s.io/storageclass-wekafs-dir-api created + +# check the storageclass resource has been created successfully +$ kubectl get sc +NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE +storageclass-wekafs-dir-api csi.weka.io Delete Immediate true 75s +``` + +
+ +Adhere to the following: + +* You can define multiple storage classes different filesystem groups for filesystem backups. +* You can use the same secret for multiple storage classes, as long as the credentials are valid to access the filesystem. +* You can use several secret data files for different organizations on the same WEKA cluster, or for different WEKA clusters spanning across the same Kubernetes cluster. + +#### Directory-backed StorageClass **parameters** + +
ParameterDescription
filesystemName

The name of the WEKA filesystem to create directories as Kubernetes volumes.

The filesystem must exist on the WEKA cluster.

The filesystem may not be defined as authenticated.

capacityEnforcement

Possible values: HARD or SOFT.

  • HARD: Strictly enforce quota and deny any write operation to the persistent volume consumer until space is freed.
  • SOFT: Do not strictly enforce the quota. If the quota is reached, create an alert on the WEKA cluster.
ownerUidEffective User ID of the owner user for the provisioned CSI volume. Might be required for application deployments running under non-root accounts.
Defaults to 0 CSI plugin v2.0 adds fsgroup features so this is optional.
ownerGidEffective Group ID of the owner user for the provisioned CSI volume. Might be required for application deployments running under non-root accounts.
Defaults to 0 CSI plugin v2.0 adds fsgroup features so this is optional.
permissionsUnix permissions for the provisioned volume root directory in octal format. It must be set in quotes. Defaults to 0775
csi.storage.k8s.io/provisioner-secret-name

Name of the K8s secret. For example, csi-wekafs-api-secret.

It is recommended to use a trust anchor definition to avoid mistakes because the same value (&secretName) must be specified in the additional parameters according to the CSI specifications.
Format: see Example: storageclass-wekafs-dir-api.yaml above (the additional parameters appear at the end of the example).

csi.storage.k8s.io/provisioner-secret-namespace

The namespace the secret is located in.

The secret may reside in the CSI plugin namespace or a different one.

It is recommended to use a trust anchor definition to avoid mistakes because the same value (&secretNamespace) must be specified in the additional parameters according to the CSI specifications.
Format: see Example: storageclass-wekafs-dir-api.yaml above (the additional parameters appear at the end of the example).

+ +## Configure snapshot-backed StorageClass + +1. Create a snapshot-backed StorageClass yaml file (see the following example). + +
+ +Example: storageclass-wekafs-snap-api.yaml + +{% code title="csi-wekafs/examples/dynamic_snapshot/storageclass-wekafs-snap-api.yaml" %} +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: storageclass-wekafs-snap-api +provisioner: csi.weka.io +reclaimPolicy: Delete +volumeBindingMode: Immediate +allowVolumeExpansion: true +parameters: + volumeType: weka/v2 # this line can be ommitted completely + + # name of an EMPTY filesystem to provision volumes on + filesystemName: default + + # name of the secret that stores API credentials for a cluster + # change the name of secret to match secret of a particular cluster (if you have several Weka clusters) + csi.storage.k8s.io/provisioner-secret-name: &secretName csi-wekafs-api-secret + # change the name of the namespace in which the cluster API credentials + csi.storage.k8s.io/provisioner-secret-namespace: &secretNamespace csi-wekafs + # do not change anything below this line, or set to same parameters as above + csi.storage.k8s.io/controller-publish-secret-name: *secretName + csi.storage.k8s.io/controller-publish-secret-namespace: *secretNamespace + csi.storage.k8s.io/controller-expand-secret-name: *secretName + csi.storage.k8s.io/controller-expand-secret-namespace: *secretNamespace + csi.storage.k8s.io/node-stage-secret-name: *secretName + csi.storage.k8s.io/node-stage-secret-namespace: *secretNamespace + csi.storage.k8s.io/node-publish-secret-name: *secretName + csi.storage.k8s.io/node-publish-secret-namespace: *secretNamespace +``` +{% endcode %} + +
+ +2. Apply the snapshot-backed StorageClass and validate it is created successfully. + +
+ +Apply the yaml file + +``` +# apply the storageclass.yaml file +$ kubectl apply -f storageclass-wekafs-snap-api.yaml +storageclass.storage.k8s.io/storageclass-wekafs-snap-api created + +# check the storageclass resource has been created successfully +$ kubectl get sc +NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE +storageclass-wekafs-snap-api csi.weka.io Delete Immediate true 75s +``` + +
+ +Adhere to the following: + +* You can define multiple storage classes with different filesystems. +* You can use the same secret for multiple storage classes, as long as the credentials are valid to access the filesystem. +* You can use several secret data files for different organizations on the same WEKA cluster, or for different WEKA clusters spanning across the same Kubernetes cluster. + +#### snapshot-backed StorageClass parameters + +
ParameterDescription
volumeType

The CSI Plugin volume type.

For snapshot-backed StorageClass configurations, use weka/v2.

filesystemName

The name of the WEKA filesystem to create snapshots as Kubernetes volumes.

The filesystem must exist on the WEKA cluster and be empty.

csi.storage.k8s.io/provisioner-secret-name

Name of the K8s secret. For example, csi-wekafs-api-secret.

It is recommended to use a trust anchor definition to avoid mistakes because the same value must be specified in the additional parameters according to the CSI specifications.
Format: see Example: storageclass-wekafs-snap-api.yaml above (the additional parameters appear at the end of the example).

csi.storage.k8s.io/provisioner-secret-namespace

The namespace the secret is located in.

The secret must be located in a different namespace than the installed CSI Plugin.

It is recommended to use a trust anchor definition to avoid mistakes because the same value must be specified in the additional parameters according to the CSI specifications.
Format: see Example: storageclass-wekafs-snap-api.yaml above (the additional parameters appear at the end of the example).

+ +## Configure filesystem-backed StorageClass + +1. Create a filesystem-backed StorageClass yaml file (see the following example). + +
+ +Example: storageclass-wekafs-fs-api.yaml + +{% code title="csi-wekafs/examples/dynamic_filesystem/storageclass-wekafs-fs-api.yaml" %} +```yaml +apiVersion: storage.k8s.io/v1 +kind: StorageClass +metadata: + name: storageclass-wekafs-fs-api +provisioner: csi.weka.io +reclaimPolicy: Delete +volumeBindingMode: Immediate +allowVolumeExpansion: true +parameters: + volumeType: weka/v2 # this line can be ommitted completely + + # name of the filesystem group to create FS in. + filesystemGroupName: default + # minimum size of filesystem to create (preallocate space for snapshots and derived volumes) + initialFilesystemSizeGB: "100" + + # name of the secret that stores API credentials for a cluster + # change the name of secret to match secret of a particular cluster (if you have several Weka clusters) + csi.storage.k8s.io/provisioner-secret-name: &secretName csi-wekafs-api-secret + # change the name of the namespace in which the cluster API credentials + csi.storage.k8s.io/provisioner-secret-namespace: &secretNamespace csi-wekafs + # do not change anything below this line, or set to same parameters as above + csi.storage.k8s.io/controller-publish-secret-name: *secretName + csi.storage.k8s.io/controller-publish-secret-namespace: *secretNamespace + csi.storage.k8s.io/controller-expand-secret-name: *secretName + csi.storage.k8s.io/controller-expand-secret-namespace: *secretNamespace + csi.storage.k8s.io/node-stage-secret-name: *secretName + csi.storage.k8s.io/node-stage-secret-namespace: *secretNamespace + csi.storage.k8s.io/node-publish-secret-name: *secretName + csi.storage.k8s.io/node-publish-secret-namespace: *secretNamespace + +``` +{% endcode %} + +
+ +2. Apply the filesystem-backed StorageClass and validate it is created successfully. + +
+ +Apply the yaml file + +``` +# apply the storageclass.yaml file +$ kubectl apply -f storageclass-wekafs-fs-api.yaml +storageclass.storage.k8s.io/storageclass-wekafs-fs-api created + +# check the storageclass resource has been created successfully +$ kubectl get sc +NAME PROVISIONER RECLAIMPOLICY VOLUMEBINDINGMODE ALLOWVOLUMEEXPANSION AGE +storageclass-wekafs-fs-api csi.weka.io Delete Immediate true 75s +``` + +
+ +Adhere to the following: + +* You can define multiple storage classes with different filesystems. +* You can use the same secret for multiple storage classes, as long as the credentials are valid to access the filesystem. +* You can use several secret data files for different organizations on the same WEKA cluster, or for different WEKA clusters spanning across the same Kubernetes cluster. + +#### filesystem-backed StorageClass **parameters** + +
ParameterDescription
volumeType

The CSI Plugin volume type.

For filesystem-backed StorageClass configurations, use weka/v2.

filesystemGroupNameThe name of the WEKA filesystem to create filesystems as Kubernetes volumes.
The filesystem group must exist on the WEKA cluster.
initialFilesystemSizeGB

The default size to create new filesystems.
Set this parameter in the following cases:

  • When the PVC requested size is smaller than the specified value.
  • For additional space required by snapshots of a volume or snapshot-backed volumes derived from this filesystem.
csi.storage.k8s.io/provisioner-secret-name

Name of the K8s secret. For example, csi-wekafs-api-secret.

It is recommended to use a trust anchor definition to avoid mistakes because the same value must be specified in the additional parameters below, according to the CSI specifications.
Format: see Example: storageclass-wekafs-snap-api.yaml above (the additional parameters appear at the end of the example).

csi.storage.k8s.io/provisioner-secret-namespace

The namespace the secret is located in.

The secret must be located in a different namespace than the installed CSI Plugin.

It is recommended to use a trust anchor definition to avoid mistakes because the same value must be specified in the additional parameters according to the CSI specifications.
Format: see Example: storageclass-wekafs-fs-api.yaml above (the additional parameters appear at the end of the example).

From 01a16d77511cf9c290522b748629b542eebec206 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:25:17 +0200 Subject: [PATCH 11/63] Update storage-class-configurations.md --- docs/storage-class-configurations.md | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 462fa76cc..3150d42ab 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -5,7 +5,7 @@ The Weka CSI Plugin supports the following persistent volume types: * **Dynamic:** Persistent Volume Claim (PVC). * **Static:** Persistent Volume (PV). -The Weka CSI Plugin communicates with the WEKA cluster using REST API, leveraging this integration to provide extended capabilities, such as strictly enforcing volume capacity usage through integration with filesystem directory quota functionality. For details, see [Quota management](../../weka-filesystems-and-object-stores/quota-management/). +The Weka CSI Plugin communicates with the WEKA cluster using REST API, leveraging this integration to provide extended capabilities, such as strictly enforcing volume capacity usage through integration with filesystem directory quota functionality. For details, see [Quota management](https://docs.weka.io/weka-filesystems-and-object-stores/quota-management/). Starting from CSI Plugin **v2.0,** three StorageClass configurations are available: @@ -26,9 +26,8 @@ Adhere to the following: * Snapshot quota integration requires WEKA cluster version **4.2** and higher. * Authenticated mounts for filesystems set with `auth-required=true`, and filesystems in the non-root organization, require WEKA cluster version **3.14.0** and higher. -{% hint style="info" %} -The legacy communication model is deprecated and will be removed in the next release. If you are using the legacy communication model, replacing it with the API-based one is recommended. -{% endhint %} +**Note**: The legacy communication model is deprecated and will be removed in the next release. If you are using the legacy communication model, replacing it with the API-based one is recommended. + ## Prerequisites @@ -106,9 +105,7 @@ csi-wekafs-api-secret Opaque 5 7m -{% hint style="info" %} -To provision CSI volumes on filesystems residing in non-root organizations or filesystems, set with `auth-required=true`. A CSI Plugin of version **0.8.4** and higher and WEKA cluster version **3.14** and higher are required. -{% endhint %} +**Note**: To provision CSI volumes on filesystems residing in non-root organizations or filesystems, set with `auth-required=true`. A CSI Plugin of version **0.8.4** and higher and WEKA cluster version **3.14** and higher are required. #### Secret data parameters @@ -129,9 +126,7 @@ A single K8s worker node can be connected to multiple WEKA clusters (maximum 7 c 2. Create secret data files for each WEKA cluster. In the `localContainerName` set the relevant client container name. For example, for client 1 set the name of the client container connected to cluster 1. 3. Configure storage classes using the relevant secret data file. -{% hint style="info" %} -Filesystem names used for k8s (defined in the storage classes) must be unique across all clusters. -{% endhint %} +**Note**: Filesystem names used for k8s (defined in the storage classes) must be unique across all clusters. **Related topic** From c54e77291f25d8507a828affaea21043d4c9af75 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:27:43 +0200 Subject: [PATCH 12/63] Update storage-class-configurations.md --- docs/storage-class-configurations.md | 8 -------- 1 file changed, 8 deletions(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 3150d42ab..dddd2117b 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -43,7 +43,6 @@ Adhere to the following: Example: csi-wekafs-api-secret.yaml file -{% code title="csi-wekafs/examples/dynamic_api/csi-wekafs-api-secret.yaml" %} ``` apiVersion: v1 kind: Secret @@ -83,7 +82,6 @@ data: caCertificate: "" ``` -{% endcode %} @@ -140,7 +138,6 @@ A single K8s worker node can be connected to multiple WEKA clusters (maximum 7 c Example: storageclass-wekafs-dir-api.yaml -{% code title="csi-wekafs/examples/dynamic_api/storageclass-wekafs-dir-api.yaml" %} ```yaml apiVersion: storage.k8s.io/v1 kind: StorageClass @@ -177,7 +174,6 @@ parameters: csi.storage.k8s.io/node-publish-secret-namespace: *secretNamespace ``` -{% endcode %} @@ -218,7 +214,6 @@ Adhere to the following: Example: storageclass-wekafs-snap-api.yaml -{% code title="csi-wekafs/examples/dynamic_snapshot/storageclass-wekafs-snap-api.yaml" %} ```yaml apiVersion: storage.k8s.io/v1 kind: StorageClass @@ -249,7 +244,6 @@ parameters: csi.storage.k8s.io/node-publish-secret-name: *secretName csi.storage.k8s.io/node-publish-secret-namespace: *secretNamespace ``` -{% endcode %} @@ -290,7 +284,6 @@ Adhere to the following: Example: storageclass-wekafs-fs-api.yaml -{% code title="csi-wekafs/examples/dynamic_filesystem/storageclass-wekafs-fs-api.yaml" %} ```yaml apiVersion: storage.k8s.io/v1 kind: StorageClass @@ -324,7 +317,6 @@ parameters: csi.storage.k8s.io/node-publish-secret-namespace: *secretNamespace ``` -{% endcode %} From 099b6626028d281e121f8b7ba00c0cb32331b29b Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:31:37 +0200 Subject: [PATCH 13/63] Update storage-class-configurations.md --- docs/storage-class-configurations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index dddd2117b..4de053858 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -128,7 +128,7 @@ A single K8s worker node can be connected to multiple WEKA clusters (maximum 7 c **Related topic** -[mount-filesystems-from-multiple-clusters-on-a-single-client.md](../../weka-filesystems-and-object-stores/mounting-filesystems/mount-filesystems-from-multiple-clusters-on-a-single-client.md "mention") +[Mount filesystems from multiple clusters on a single client](https://docs.weka.io/weka-filesystems-and-object-stores/mounting-filesystems/mount-filesystems-from-multiple-clusters-on-a-single-client)] ## Configure directory-backed StorageClass From 64ec07fd4e10d2294c271206dcaf34c60d21956a Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:36:51 +0200 Subject: [PATCH 14/63] Update storage-class-configurations.md --- docs/storage-class-configurations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 4de053858..89dff0075 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -128,7 +128,7 @@ A single K8s worker node can be connected to multiple WEKA clusters (maximum 7 c **Related topic** -[Mount filesystems from multiple clusters on a single client](https://docs.weka.io/weka-filesystems-and-object-stores/mounting-filesystems/mount-filesystems-from-multiple-clusters-on-a-single-client)] +[Mount filesystems from multiple clusters on a single client](https://docs.weka.io/weka-filesystems-and-object-stores/mounting-filesystems/mount-filesystems-from-multiple-clusters-on-a-single-client) ## Configure directory-backed StorageClass From a6f0097b2c7267ad3d3d8489c7e3fd228f82c502 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:40:52 +0200 Subject: [PATCH 15/63] Add files via upload --- docs/csi-images/k8s-multiple-clusters.png | Bin 0 -> 129623 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 docs/csi-images/k8s-multiple-clusters.png diff --git a/docs/csi-images/k8s-multiple-clusters.png b/docs/csi-images/k8s-multiple-clusters.png new file mode 100644 index 0000000000000000000000000000000000000000..b1fdd1f5a40349d5b711ac71cb29b9013cec1628 GIT binary patch literal 129623 zcmbTe1yqz>+cpg2Af+^-G*Z&i-6Desh#=kF-3^i=EuAVN-Q6J4p)}Gh-Cf@veDC{t z{`YgOfBpYj7cvglTzl^`kMr33oRC+tlK0UF(GU<2?n}X*y+%NQdLbY{6jAPicl2M+ z+k;<-_OB(y5DNQ=*T8?C8LCJb$;cqkgV!hsh(V?ZQ1~t2hY3L zA0`+_MMINCtKG=bknmeue@F0Gt2or>$zbvmSnSOFG26}2b`R-_Y>o4Fs#AZWv+#gn z|7O_$a}(!g;z3%)SpTjm4h;@D;$N=;?9RifU>@?n{t>(>?$e4Xj6x*>`O7sY55e;i zFjK(@g~ELPay_}+W&i63MIfZqBJ&-e1DA{c`au|c&^vz_5j^exZP3yXa!-_e)w1Wi z9navCUK5#{dyDztk~IneHS*s}gbz1kH|F_h(C;#{5&E_1I%mSLBynm)9GD~|VIy*i z@$yx^T!$QU$4f{*r3m)4E0=Bre5x5W&?lE1@d-UW;)jVmwx4<=Tef4sQ+-ZQU*(@P zhVhEw*zh6JzWa^$J@qY4rjIlDFY~SNACIBDVrfAk|n9^rB{_q!}gU2LE__WHE z*_1r}uLb|Ras<@sAcO$2lks3ST4ajNKtd4aS#$(>Z)}pgO@yJvphr=^U1! z3YQQ%0Xh&%o0!gIrKR1h=Sj$P|I@hI*Pcx6yQhm0J=@cD3e)(N|H$KCO=F|JIt>X9 zq=k{YLbW`P-qh^16B+KzG+aM--ugw&J?l|6<#n-jT`%Z<+-X@gO%t!}Rg>a4s=A-2 zef6U8Y=!8?^(&dj(TK9$R>fHN`$z04Gb1z?C);&9-Of!HnyNK+hB1b!xAR_*nM-w^ ziCRr_XPz0!$`nFdqigAZ{%1{t!3Y8A9Bf=c>l%=uESVVo?doqkg0Gd8X_Yl>11>kT zZ=zdU#fJ6<2Ve7E?tWX&O16qdLVu7@?|pMI%VyAtrCOpFV2|992Ddp89MsIv$nc#Y zvYXQmDXQe^tS6bY;Y{W`Q+k&vKUQ}3e{p=dbkbwPsb z-Jeo~LXa5WcvT+eTtG^PgPYkvG`g~(w_~t;^ZXtx0FoH}SvS%9^h)HHu zb~z)mi&eVTa557^pzR^gWj(|A_U`>?FxbW57ij|bU-gff??W^7!+D?g^DN%GshPdG zKFQj29MfDKa9>F@Ht0{`-H-6T{I+!FAw+&5sz<9R>?h&AZ5bZe##8Oq3gD zGK*NaR}nvJMq3lUIU7J~TF#f`Bb8lneh_^G>-g4%P5B&Fq}2c=UAx)2xe`{bw)uFt zH900qsizDh_XLWR(w?+m!l2q+j@RyXZag4an{8^s#wsntyd+5FFpU2OGnTe_9JP2hCy?O?5=`PsyP*Qic8mJpV~+2;tMeRSdA z5`;aZBZ@#Qt*Fg-L4UGfDgsT1sI^IoAYwiLM*{cHFJ^D7^kgzDGgs5SXWI613Jc@> z{2+_5{^QSDP`Nd{FBi#{qotWyA3tcrN8yx^kgyw;mwY7udsN*zR+7}U?SpClw$41V z=jlQy%gYohjj={g_aW=VuA;j>jCY&sLL@+ZV(6 zWh*Tv9?J>r`Jd_fd->eK1*UI@ni&I3A9E^LcU$0~m;Js;o6qOSw5b7NbxK4Q+>FR= z!wox&G};Vqp_is&b3miV^ATOHP_Of$^mB*Oy&Uqzp1!^#&#R*`UH%-sK)TP5gIp~q zD+}b(+fRG6T$f{4&bzx`#3;+l&rddb*4=o_`M%@N>T}!}O|&?A$GY<~0$AJZ5|esm z?^2F)r0Y#LLs7!XI`&dtP7bT9Tbb_pV1v7}_M11cUHtR@xG!tanX8+F8Z*dXgu@d{ z8)3n6f}Xv5-wCug6?{9t%0+pcXLgR&*c;D|7O2adrSdzUzuFN+CRws(c|E=2=i_Zr zv*Wqro~8Y}$Zb7=tLf@kU4boWFWWf6dal{m=sjWQga)_yC}a9Ng)HWyK(klzXa?6> zzlWF=o?EwHx(dKB5LtSiwH}JwcoO4ilf$ZZA8mqS90cb;-j_}AP!xWE6Vle_5Le>&*0P_r&cFHgCM z>q=bMXdumU|LN?4XAlO7$9k8+dVhEKzV3Ae-RtS&dQXWOr>$R!$3Kw|39giUyB@IG zyKpQbDi*7xjZe9rv_U&*@ey-bToLt%v=S*I9zu2mhnbE%9C-5d+S=uOSn(38n zI_tCcSm)dpHpX<&$4zf%KFE=b>SHTfN8J(U_mvXN_dM4bN)K=q7bi>DI1)|S0SO>g zPB8p()iwiD(DPI#@C^H4gmX+o-;45Y|JNr$vrXq2BLqA&mv`HCbcYL)i%y5@h$ODS zGOr;Qm=?UflMe~beRm%8ZurtA?PUnG`!z0{aCr61g6J36kSZsCx5@D6;}^`P*(2RN zIkMby2k}QKdM_UPDh_D6EcAV#fxf=dmB#I5BFwtd`!0j%btyK78m}XcLgDJ_y3!%6 z1%i!t64}&~2o_$AqBIc-ZoZbIHM^$@543S$>s^aO)VeFkHEw4K0@L!nALJwO4@k8m zvuDw0X%ueGS}?tI_8oa+yIKjJSn)VWB{J!073{LR?i-Ls7KI&3B-+ z$Z~dZJs(7tByjmd_XYDmHd>%Ho0KZYitMTitKz0#*ZlpqI$%%i!}HercLEO22kzX2 zh56vFQqUgLadr1M{ObRTH%OPsf1^XL6() zY@pJ?#ltA-!TL-`{;0UUY=uqNM@2>`<9q0P#@B~mg%ec-$1#L#LQk7*b59?;DNtEA zo@Iq7zg>QLt~fay@=z3}Li3T7hs|yYcAzB~)f-Li*=;d1>0P{uZVHk)m-Mf4Q_2Fh ziv1=`c$~$2nJh`>S*|J+U~fK}&niLcGKa|i{5`I>oZ!)iu8vaHWWv13xE6-?_(WHo zq;I9%RGwniTAv?9ywk|CX!5%1&AUQ&M5ZxkDK7Qw*cYHWazkV6)(8283hUMU*rj$= z9r<1EoV2H(v>1)TUqy(>%i)}XeAA2b>ciG(L2?agkNgo`dG-&hZsf7ICr*hBerAs; zMhW%ubWzuba};FK1fAD&z9yX{Xh$g)6X3V@vFc^ztY&3nF`sjcFU^zTJ1)(*?{L}^ zp6lYCJN`2Lnz)~!+!0P+&;gf3?qph3(Oiz) zRA0i6*|L7Vo|IBY33k#p*th8N9j}u*y(aD-t4&v1)|HPA-jO&(79SFLcBH#qCDhm0 zuO=y9i$ka)1t7u5A+Gyj+%r#`b|C8Q^+zCkC67l3?|s%9T)APqCR;qg!qJ1wJLBq+ zFF2E~a9^(6lTBbRu^>GlSP{*P;9x|Ic8f@M3FT=Q_=E{1^5+wIFVU9$?4_jVuF-lk zj%Qo#z03O{3D1I81F6s4k2m)^dY(0`+cMMVCVTYetfQJW;=V%m8hU(9#ick=ZTmTK zaj%a5>59I-<7cmAr_FI)G5!p}LxQI1md^gKr!q6cE{b#9^ADRX_7=X=q(#5Gx!%E@ ze6TK-j$Mj4D}E~b?2`ID(ns`!!JuYe{!fRG*d<>;!l@BNky<|3-tl7*+8j5;^?JD2 z!L=|n7YJ=Rc$&D_!Bgoc>1X0kgmIJ~6(c7!0S&tT8R2D+XR?ci4Hd&_Y_l!9_20r^KfYQR^N4`6wPlX(4He} ze7Gg!M~C;-`_rR{Fh_rugZ60r*j;^^;vF8Ps>ycdWnN%pP%IcS1<5QvmKgaD%7jK4 zyg??^#%O@N-y#G!psnql5|@MzjKK-UfVa|M`v`rTiYEbSitFf__+&u0Nwd#ScT36*{!ExJlv5IoPvzMgq0v{Q~n| z8wFLDX$V-2n?sh9ECPFCYF|W4Et|H?=WyNB(~3Y15JDY^A;#ApJZ+EFcJ|A>=;+Ru z$Zg4%J7AqWSQ(Mb?FwCP4nvfJ7-aNHQ4XN?j1Et^A1yKj<#0)PPsH7C;Tz7PPUW&I z5?pgQDBZ`*G+u$Wy}vu$BC7*a;X@iA-_$@lkzq6}?J0lho8et-D1g&O!6@zL!VVz& z!J*37$E1^Sigud&A1t0>l_SS{2Xlk+ppa3mypvJ6`RFH&ML~GM)I7!8FZaj0HUf#P zu*%)P<13?R_|NB}j}6;wH~*|0QmHX%e`{!HgL)18LFT6T-gah;EZdBducQ8?6NNG0V z{h=eAweuS<)$nKY>^|NP@)Vt9coW*TKYY<%W(h!eCo_A#y(D$IMw3NR$(Q51wA2ZT zSGTJ9B8p{*pVPa|*)o>vqE|RnEqJY9a>w&K21czx@8(M%+X>d(1Oq>%N%Y4fmIISx zHp_?Yox`DC<9K~895jKb^kF{3r$aoC8sTtqI6$YLOE(C4b6o!-Tp7Q*cN?qno_36Q zGx|X)L3<>zIk(04yOb6D5A=*h`3D3qHp{Y#Q|+{RN;<9NKn%#4^XY7mFN}X(jU>`H*&{sKbu0donAx%Hx!q8r6 zEJWIVaoJ4;zum9(zvj*q1=|23voO)cb(;QWEf+R#Sk`M5czQq2FG_fTR7a~V+$*8% zG4*DB059S}v5+D=zm{$g^U{13lh(+^ls7LIwP;#4!<0rKx`oiW z(drWm6u(ScpWdl=PDIj`;qBdX8r60!2c{g0EmpCo7>|U#>b+wKHly>>&I1Ed<+j>c zP8)hYs6lel>WUqF>10qc&%eddB&c(|+!VmCUM?ztYODEjqjgG>IyL*j{1@l^S-35z ziR(RWZFnz89miRoB?qwxEg@|O8xBk;50gDnobae$2u0>rpT}93xbmgr!SrmE!E?ey z-xk+*L>_%qm_nkg!|OgZ?qcz1O2bq{=wg(m`i%XUY)%ql;iH^2jJ4b9u^Pad*?O)t zjGB_J>p90J@9&xslELl_og8OHVE@$lR zB~c=LST=tqb5xd*Hb~Q$IXyodu7KoJ_RV~51;2B$+%#swCR4v7oMQ5wK7p7fhLMwx z#ARC+&ic2zG`@S3wv+E%0w{%M`1gc!H$fgPdh^Mql_%wADh~ zy62PJx{O(S;56Qy3#>v6cg;ETYC9(lU;Tg0y8~#j~2P75|=c zVTmm#m`zjrWO>jEXUgxlxLEE_PB}zkm8`4tl+_ZG-~N?Yg3*GAJ=pb&nBi}B)P%ZYpUG zmhntyu8&n;`6U1*1I{Zx23!#ROU7H42#jVb1D|zr`deDxC9Lc>J86S2q8!!DmnsIj zmyae4=@C9!I-dPJ?7X;G`tS{HdAQ`v&gLsIU3X7pKBN7+n?KX?rvMMVhi7!laovMH z$?QOgi04ZK++s&^FbNgn2~M_Bi?Ma0oRVd36t^%-yfcB~3)6twt4#ur&Cc#TkNwMD zHdk}2L}KoIk*xQ0ku#d5nQ!FdmR=#0CY;{t8Rv1PccGXYe)B8XYR6mnO4P)B#N4E_ z_Xw+ixh!&pmNZe#K_G89g(fNnXc@Q^dnU^mmOfK2)1PK69&yvm2W4o9s;%JT2hXUh zFykVx_DBWc!fDP_8F%nccCzDnraD$HzgX$%EJGS=znrL;1 z8JSqTYmf8xHEuvS{JDUZ*zig0IcYRY$GyH-iUzx0S)Bl+M`BmBoVfm_fj6y@_4RV0g!DKExx(#+uJx>;gn^@|6EgBgA6M?)#Y zbqbZti`_93+RA2(8A(r=3$!6zo~AXu@`xrXMH=`%`-a(QB7%Gd=uq-)C>hf82NZ}n zHpF0%aCTIFV7GIK5WGP_oo5&nR>0TW?o%^7MzqFleh`15xT{)Lqx2v@H+oGv*I@5g z_Y(mpv6?xW)qF~{_x6rx9~z&fNJO$;|uu zCE^o29(y?JC*>nnOWD^d3j|x80G3NY6rm~i1Oy1w?>*g8%~#M}BsI0|nB|R;vejhz z#52RN_I>#l$veDN9P`~=5{WDOqZiuhuayJb9(jK3>3NWYz*+5HNX+^~E|4Ue@=o0< zOr9d%r^27E2&@k#0M-{`-1`8GJQxbh?y!_wa?%5+E@|MsawG_e<26OHGb1FGGuNM9 zHV#v(zF|cXdO)nV?@`y_KasLAlTK!$3L7lIPVeX>FCy4m1aYU*sM z(NXoL%2V=JVbLC1|NAXog2J4*`~1h9|F|7Wq7so`XU#5V-!=k3V@0 zfFt<>n4X4}pFjK!D9L5KnwSu^?S+n9j+_y5L2%vg&*$$Q%(aED98BY>UDR*~ntLaY z&zEAp$FhC0E?lb0+Qr>i^%;Y29LP4KtTBL)A{)&Kk2XFi0S;bhunbrD-a-U{bPQZJ z%38G2V{bYPdv}|8tMw}#_@7As!ZYq#nm@~$`HayQ&s4WzusWlrdHseVk9({$yy0j@ zgvomRD}VT#7pkr$u#LE}Rt9*sA=iSwk8Jc8bE|hLB?YTE1gKlk({doHDg{U=u52-u zYR(i=u^w2aFISMS%u1ut-Pa!pyxi}UukOVLl)0(}baH_ic%}{Fh*5%CVPjFiFGDU-3VO?~GBa zYbCy6*7j6q!t#8z@=5=l!9t|RqUqta-@D!V5u`O~%`B&>PLC#M`BOi*Ymoc4;Q*sm zY0OUrmf#7G)@17TnR{S^lD1Jml?c@(P{h?R)uV>fo)jBXLk6PwMjR`S~sR(_X z5z3O^;$FagGwOfbbS-dmJMAU7uMziK1OV)N0esMXww+j44~|yuDUZH@6w>%;RvyP* z7zEr^3;$4=ebS%2o>L|!k*eS@F*1K;KSD%1$#}9p#U;IO&z||I+qm9!Mqbn;!0mi< zh73JheB+8)-p~UT5 zd$6!$h9&lh5Xx69tL{8!ZfF@8a$pY|Bko$ZAP5fZ0P~ZAXJ@I5iF?4=)ZoH>V6;Mx zE8a^Ookthl%k~W%o18fe$@$%phz{}?K@Lf@E`B6y-DLI05Dhu{FZ#PHwSLTEDG=06@ zacQTwFC!5y%-cDD4ctuHP>xBEp?3Lzmb9v#cErOV9?&#c zZGJLT1J?XiOK6$U-gu&R*EjWT5L7a$gnn2j)RE_camc4TbWBmY=A9&#L*Q|D?5x(f zS|QIz*gJH#zSfdYA`xT_SvKBSzoT34)$IH0ogJMO^f?B&369!*7TWv~aE|#V%Jh9Z zZg;p@s1r$0`+fR??9g^sIu{d<+r45|+~BW~*B8=iJ*U2eFNHUJRAxRzhRU;X4+qk5R|GGfa3V!s4k$WBfjE zwwr{>AUDZ=JwXh&Y4rmu5?j7=p*MGN!?I(R&?YIDe7yP5h>9Rq$la6PC@qpQ8J)E( zH&v}ziahR-?A0h{{?HeUX1UMPXyL)k)mNROL4{gIKwcNYi>cx>DSEBHw3pjk17R`fL}x%({q`I+dw^tUfcsl1zz2a@_YOQi!y zlgS?o3Kk4AvQ+OK;!s|X+mEN3Z)~fTK|ki9@p6eC)@+0|?CXP_pG7Xn&bK{>Vu+D!ACgrIF zf|wrzT~`#J$R*`ZKIWj#8pdpbz2%%d#ThsA40W`h6+l-*HxoYg2YSr}$L z*ClJf;jTu4Gzj@7ki7?k^RZT|uiJe5CHb5p?!VlHvHbKPqQtSMb;|YJP4#RqBWY47 zkmM^wKZIfC(+-v#!6F>e&Zw~D;6;p7jAN8f52|9GOPNOlJ*RIWSJ-v#D3L%fGF(zT2(d-^%=a*QIhT>g2ea^k`VrgREZYQ%|jh-^sw%SVfGv z9NlR1XI?^oj&J#V-{Q?BmXL9qMX9&p050}c#;VtSqq`po3j0jxpJNTHQcx>|KT1+jB$ zW)sWjMgfOatG}&6`GUN@AfB>X>u;Bf@x`rIK7)}>F-Y2doMFE$)%{SZ#9&23YmZ3R zj%=T7AnOPYI&Z8{ZM|b(E=k5@W2Ls``awy;O0(4;=u5hmAXgxHKC_?oQ6<9R(yM*P zga!vjg*XGDzD-i`*x93RAkw3HIU)_pGMU?pJs6OCoXUgf{}eh`Q?esHn^M}N)$L$yrl4a+AlASCQB>f7~2Wd4Sa?@6scv78>beOkdGw6+#UCNVsJ;)QF`#^%=qn9 zzf2YI`+0ueLZ(e`KU1x(eD3Dh|8W=hUeFG(zl9fod(p5hWdmu80~|FH>=Q;H_R@gQ zAN{$K7-XCFRi0jV=}}a?YlU?x^&QR!n0`D(BbMXw-s()+d9U7DjzsWrXiFqAPJEr= za{e98zQdCJ^f6Yp$_^nT(pw#UT>rF&+CW0{k6X1yA0!@G{A|oF@7{dkhbNeILa^AY0%2Me*t;F0B9R7IrE2I|~%!-IYVLmHE3+Bw`mwu&}mxxPQ5 z?^NtjJ6dTeEgYpUZ(dyKtwb_n=tX^d;D}tXepkJmva~ESMU4TZ9MEXpkHg9ApsJrwu z6VWJ=`eyHUMWfkwqp`V6YpT&6C@FR&c-0u0K8VxqyU2Rs^xNs~@|&Y0ov(#44zz@A z$YQyJhN@Uma}{M8NMF~*5v4jDZ{{IeN-zxkyGvQA>j(VLKm?|eFd{-W{tZ=HM;;p z2CcSg;FvH25Yk88z7IdQiIVYNq;IG9C$(bTH}}4W^3*U@-_wKdW3g;%0c0+l<@CKD z4#F8ZW_auy3kR9rdK$SOV>j4SD+|7jG-4`ZdyLbT#Y;~pqpqRrbkcg(Qk#r z#U~IFc+?-o-a+sJS#u$PM@ZWw)r5sdm6e`nws9vzdXVP+0DDin1?eA%jSYvle)Jnu z0AfqRA@%4&L?MiMI$=GavrbDoDRfj;=)OU*=9Ak%ay}5 zo|bgFTs~CR)@(nz_OqL){_GVJ-xN)Q0g9+4zt5qDF6kOKughqd=S|^p!h{u(A=7zu z+$0LeU{|N*7up(D8^f^vAle$G!**$_E6aViS%7-E?gTj0TNg%>X6}7P^ZxYDPAL@E z1jwGtNN`X)`HfX8Rt9wC^+wcnfm;A&3#F$+lR(o6@BU-gOyN&W3fAtfMH5U9;0N4R zk?zR{SZq~l7i_Pn9R>-p)%q?Bg)s$}&(6Z=J8u1W18%UjENxreGxj7j8m zDx*)*=Mdq_p#ldp523z>74XO}2^{5DV#*y^EI2<0=`oXPE`X}#bo3!f5_Ds~-5=&( zX^siYYFGG-sW_9W%*@jJB<6_zy7|DkjiP2hhFvMg_j$(XzP((7;ehH~F^H-`kZ5PCx z<$XRWrYqR(Vpum*&k^f?w1|eJUVx0oY#1wq3#|>>Zhe!h-lUwT@}Yo~S7Lp6=u7I# znk$vSbW3!R8GbOJ)?<~08Q2R;Z6?En3_E|2*4UldO7NxKsSAc!*d)^CKHo zCAK06lykWau87AJ3zT3%$W(e+j{LBA=bXqHNr}VO%a@dyJ3r29K;c1kl(ad_CH;1L z41Fy@VLmM6ODW!9aw)<9VCHy2eDDXkx3i<-4@JqnjGrgxOS%!I-f>@lt?H7wx@JUq z+CT^pgL4EETXJMGrDyE+3-^U=$RmF82-3BmguctfqJS`_>}{5f^eICz$k`n%lC0GD zl*U%4O`uxwg?B+NRVVc*PSbH;v%xF4eXXQ~t~PJ(fbwW*qOnTJDdz-Jz_VD3P`iCg zy7cfA0XbMm1?PAv=!=o1!GRIh>0w@_|Gy}4q0nTTjGii zYk6A2Dn$W?T3ZgrOl?yw+uEn-vM${X0AIX23gN1>PcNEmZQ|ChinKN|Q_klPC3%xC zr_WK%VO(Q0sBa5`xeE>o-k@`X7HwXY|12k~M)L0a%t+Gkdk1hh5C-hpp^T@4$Qn{l z{q9e#|M-<6Ih(5U_^;YJ*|bD0`sLc5m*sTY(=48bL0%M3nM`9A`oye8MZ3v3ssW^J4QVddoOTy1rVW< zRz+HTU&9$*?MYT;4$t+CD+wm~R}6e}NE}=5tJv=?e_dv;Tp1W+JxeeBD_as{;auc2 zXD9;~%d7a%yv_}{9*EZp76@EBY9JqKnDaTMK%>PG>gXJHBB_mKo_yG%@9$O9nlSh_ z&5^LbrjP!zd1Xv!*0|mUYY49;Wq#ysQ#%giqgQFBn3s)N$je6xkK)fn~38b1mI_~KLbs^6L-zE_% zk3Yh~{=Lm8N@FtlZ0S<7Wd?jbLTPdLGyoB|tFH_Rq88KpuH=r!lE5-+IjZkY{ z)vk2zirXdOd7V3SN83mA#`p@_%MgETKku-IgO*4%_&P;XErI{K0Ml?NQvI+fbr*!W zu8dwTSo0ldaqP;&`*HP_&L0JiMRP1(7p1^VLz&UlD+|@QEb?M2YPSq!KJA?R+C=?sciIdoo6af-f*-x1n&W`4%n17!?hIidMb`Z^ z+q9>LA7`fatdxN;Q~t<(su2Dt%35zv;6N&8Gqm_S-?Mb&nHh$<9u6lt)5T9RRM6nF zgN65OqRGil&mJVAaReXc1mT-B?Pq5ChB&04rduQ)UMb!#cN5!W!KPj8)Z@Mf2d6^$Zy1+V6R7BrUd*I3a5ods`HZoEo=#= zg^3jGGgz_a8o61U7r#(N7D7u)pWP)(VKO!?UiBsPP^CJP&OdkTVr$9597(k*tq{H~ z=I6K|zGCMIjWu+eLjH#Wpv|BhAsNtn!C@ef(%xtJF&i-N9j_K~$VB+Hv}TXiawlK% zygQ8ZH6g_kqTnDCQzIYP`zE7Red|d9D3eaG^RRcvewkysvcW!iNtQZQ&A8{$;yZ)O z41um5)SKn)#~(K7LDVON*Q)L9t3Tk#9mvIP>Q(9E2prhuY_$>_Q^WH*s->y1-(*h8DDW@uvZ@iDKZM`QUA(^MiHfj2YUrlWZB zdY&@Ig~E_M;v(!pNd;I0t-`1TFnu+M5^T0MPsGVng+AFqRz~TQq+2PhEHw@bbfw^! z)x)U|IRq~u5;f!Q?=k4hiucRwtICzuTP@m_56*fyA7NL{n5}!n6^=10VWyAPHn^v` zT{VA+zhyA$0l2P>&+jS$29o&>#9YNF<2qRyKtFYj>dwNNsiEYpI{bYe_y&BrC?B$+ z1+;!vAF^pwS#H4xJV9sqD7*^|rKY8&wWCM_tSrEY|8x011cn)bNXl|_&$kU}arfS13~&^N92-jN zeJJnhygvL)v5yZJ09^3@bsdA|r*9DupwK~7i(lnZS{~P~u9qbpnU!3wlNL0d85WW7 z`=dqXx;n_>CC~|IK2metvLWz!&pijhcglqGI1#ELJNGk)ERGQ01DuDaCG$G{*dzJv zwjoNy40XzLOmjcDKkwEJL?9)A?jt1<*4oklA5SqSI(`ookkZ-uRk7c0UUb%R?9Y6b zo0oUcw0ev5B1I0NHZgvO6Zxu#=OLs-f1r#C5aTyJ-7I8Kbnf|J^FncKaD9WwJYKDP z2zkdV=c`bp_ou9R4}c?sx8y479L;wcw<{GKkJ~Mi72p#y9!B-8f*^WV12TXPwK}c& z1-|Qy=W1%Ctw65UADZ%M{a@KVlAiE&L9E<982<0PPNowdO) zY?i;ugRip2&yMw;{ z&!Fo_tHJHe-C_R&o!wcia(5(!xB)mLbnQV3>>FJEv{-92-{Z2zBB)!G;UY2N1TP^+OD(^MB%Cd5VaoX6nttOEh7x2Lk_b(m&qn>jIn(*ZNa_1n44^f^dRH zPc~JJ^<`uD`PP3O`u0UIH{$a*VYeWV3M;PJ@9f}9dHzfC!w+$B=RNr@otI2TYW?#0CS&Tg)5B?Dx1b8LFzV#I8kA)JbqkQ zvyxPN)(gsLxM9H%AOq9R(<4t6W+&=5tgA(zT>8)H-o3R#PzRCv`9C71Zhk0C%E=fc z0g&S`6wSsR6KnAE+hht9~ss$G;(o>ckXg@E)xA2 zz8!Vf=!>n8z%3sB2|xiU6J4A=T*OwDq!+RfW-6Oe-c^{ES7X!a;ql(*Kb0y+sK{;~ zT7zd&KtupMC^Q2h^ka(gfh-n-p|tW)s#z2YZ$y9}FkZuk2%W5t^oTa-E5rSxSrF=H zt>iabXG{em6g*YMfy^_!Z@dvg8#zDp;nZl{4;STSGFP92{z6-b)JA_D*qx8H=Sn_~ z8yHV0cbbSSLsgVYWbAf-jZttOzI36+TUWM8f|?mDGLvymvP&OdAtjGFo==3rIN&aR zY>*$b&8h!Ix(~+fkm%`v{pT!eOz6w*LM|~Kr)$CMGJX2O1G0l=erVPdPwTyvQ-?{piZEznHbrh1MA>r0H78dMa0j^rpnO0>>^!EPDAHJuwOBCyL0a$e zBrC%o4%(*=M>-gX>$lH0FWS`M$P<{%0+tF@HEiHMu!AEIfrtt z&9yVc^F?aFxLrLeqZ*GyAVyx3bBObFKFbl*;vo)^AM~Wa^SNWRL$%zO4!Lz<@3eK% zjNf-oYBsLz{mvpjVB91M7{V~X^ZzTN48BK@AhRYSmaen$Hq*b-DPJpn9ncz4B|Irb zqM4CLEZ{k4+Gp@uw2bxE>i#<*_&&gH_N3odwnVFssBqPC|FXNt8OmoM;Q8Fy4kkB# z|Nr^`A`Xv8b0DQ?_;kQ|v+53s{OMkri~`rEW<#yRW2wYP<9}-mJ_S(!ALIR#J^u5r z&loDSJ)@!}twF#DO<1dvxdR+R`R_pd=XK;L2%4D{XS^w*{00Nsf8QANYX;4^ zlJI6p&}0_>T191Cr*~ttAjW;CL7C5an^E|*1(Pu48xaZ~rtoF)dlG&nS#XNU{u*?@ zL`sA{2>2k;{`=?WWzgEpy$YI*g;blo8ZI}Dg=3sv2P<7koaULJ3)ZfewWD*X zD~6i=p!uLCLg*Ye10lOQ^x$SGC@)gBKuFa>cDaVqbwy`H%5iv(gp@2u+;DRU4kYyE>FRm%Y!fA zJoNqZE6@c&gc&<~xx(!=zq*oa9S84i7UjKIDeYlCKo_o>am%A~23-`V0qF(mRox-9 zX(mvL$-;&QMX|B5c57eaUznQa7#JERmVzdIOvb_Adnvs3OH=j(oO-f4qUDaK^Fcj9 zWL_q1MW8QGYrAGOt@*Ltn5J`A0D+dtGrAO?YNVZ%yrRZh`FZ5WLvr5dLw6k~xZ^eK zLa;~ukhtB2u32jx z7duU4gXzunprI@vC7sVPx2sG`z!xch6%&ecadOghBUlW3yO@+jNSWV^{u{J=#c5wI z5Zv!yyf0uweoj6zI@*0OAZ#7}`OFwJBiXfKOFsO$I;SN)vE;%axy0d|u_4W0aC;faIjK18sZE^fN^+PTgf_rVa zgAZd&+DD?m9-|KdtC3s7X`mWaDkh0AO?T^*Z!j=5lFdUSY{C1I2t50 z;hn|{t2xt&2KOp#>A3G@RQzld zwX{epQT9EBv^#l&O;p+|Z5P{%S21~)uzcsnK8hpXR1|Z!aU|PZ%`~`gss9hG1k2_C z9Z~5<&3f|xm@_!{CGtM0zFuH4w#;;h##`ThwV%`P8{O9wy?yd<=(~ID#{C>6zMxU0 zBRb7><MAFmsh@GFq<=#*>4vprr?_q^cwtHM@;ouTG;8Hie|t4 zeOI)HhB4snS4DaGsKfOU=~|~PvxNsO3aH+}6#o9>LcwniL0fjxiJ_rk;F$!0roqES zK8=X+=eyy*K=U(Qhxfl3=MyEsxqPyWprZbt*bIeWVOpfbH!o|Xd+djpk|2JV--F1b zNXJ@;2@q$tLx?6z!y5Y2g|(TRF73Md`Z!yk4WtQvdk_?lQU4l?76pQ#cZcE%XzRYZ z(9@xIVlkf;5G{Ci6+2lWg5nSTs)hi5(h)EgL;Fslf3VV*6-O%Q#(_dlqQMEVrkqfA zpJ}Wr>Xgj?1aCoyH)n!CajhTMOF;%11s$}syC!0#W8=ywZajg-frd_4;d6UX3Jk~) zxXa$2!c8(i$slPgLV9}oms3QW7!T+s43$v&-#dUPny9=#}y7HnLzF ztZs5*igs)qJ#5bJ<9JKL|K_`{i_^eiMet82+pe(HU<}Ok>D1Yn;##=`((A0 zrbI;ys89${T;4wv+Eqb~FV;Yr;XlSyZw-=Gk@YtS$g(k1+K5~KEq8N$WeAG4ER@PX z$$Y{?>K_VpQ%6tU8cd=o(>%pg9~($u6>mn;L#Zq$lKx z*q6lFV=-~m$C=$3Fwx%8H58Bc&>fPtJzq&I2->8f zj+11ujkr(My-Kz!?*X9;i)uZZA9i_41-;QsD2(%i_5*^(r4%9snsuX>AP>mO^2|eH zZa_#3sOwEP{!X{~@PVbDj^EznxSzT~Bt~sd+nP;tRtG?%`VufhtV5z1xnR?Bofb%$ zyGpsIS-ysmQPw>&p{Y%`yL)%_?*A&aAYb5!#X6zoxsJl$e2kP}l`DID0t+AvUk7ji ziI$|GpB4U9F5vR{hN@F%OXV`Ef=LJ!crHdv?$Si=vimjN%M5yNNqruvgGmO9#kX#n?x_FBZr%=*o0fw3;3LAeR_*BF(bKm!Du_J<8 zdg}aeO}~u{MU_b^SjNBLH@C$&IS8t;AdybkgjE)roO^<#mb?xcpWQ%$3CkET!L*#O zrlzB${7fCc2R4RpQ4!1>GGQv{hVhS9V9im`x#qc}UMmt#_bUjuT4bQaa$#nZ26wk6f zZ@(TL*M|@>N~b=MS@bLIFqwzO-8b0+Rd^Yc3pp0#^bHq1F;b#HqwUX(bsbD%7rYjI zv;CzmqtJ81p18!+fjMf&%e@Zn>Nx9vEgwf3uw{B@rB43_;RjeESjLR2VvK~){qOr( z%?UhMc#&2$%MZ%l|K^`P3!ezdLy`$-fbzd?nMBdz1+lk4^&H6>x6XVF-n(CEi`n>4 zI;A*(*H2gy$E*1L{jqQQC@rBS;wl*?NVcf_$`l!_ahbaLW+vp1s#zPs}-= zxwe+*Jx9d%B_$0C&FOm;B_;3N8My3BuqtyqLoB?iNK$Jth}gyHRWi+c1@?!3{AW~# zHXa67B@ShMgK;GPd`U|@$)!6+uZHgj#md|Y(?0S?&zHRF0EE#b&c^Z!KIp+|VPKcA z>#8Yq0!)T9d2eapb&!SS^4-!^FWXu7q46qiFFCRpvTzLRq>$S#entBIp+^VTNho$Q z@sbb`7Cf&%u&@bY-Ath57P;9-It3$&MpZ3@!nxRsH_*>{yh?-EzpNG;olW-CwCLRp zTA(Fa8^EK2yDNVc<>R$NSBo9hF^^rSh55T|XW8JxPW@dlSepDxO{`5qbopO50e+?p zePVV`8_H}8!^Zyk3QrLK)QHM|A#Il>~G_uy9blSQJuDk z@OUAV$n?mq=xWa)vZ7n*X3CSNiwJ?_CGF{rf|dbZB`6z(WLjGS|J(f{uQtXL#|`RQy_ zXzb;}{Otj=9op7vpXr_bP^Rn+)_>DQA%v5gKd*8ER~Y&no|m8A{YYNA*?Ob!(Z(^y zBjeu?Q@kB~MD9@{2l>lrD)MY>+UIMsetv#)yV#$IOvU*VDEFV@a8gZyAIR>BsH$_S z9--F$O`-7L=(<;12yK<_mvDw~#&nMD_iozCCo;%QdsiVZ}a8099+CNiA?7#OO zg~II?jO9#6j?(>#_JmPAJfcJd`5AKOVs;3fCU1aiJ7Dl9@x&lrX!PWK`&Sq7-`)1FZ;Aps0akO|Ah_9w^JrE{4tnk~ z3r+S4(L$jcec$cJkB?^m#%}+ge;A;NT%KJ!|H4o~Q49=xJazHnet%EU^MGI|YE}p- z`|^nQfAB`w&Eo&Rz`z{yoH&B%$`5C7-( z1KA;V=z8VKDEPjUCK-fI=GWXGSG!rTaMOA1GoMfQM&RKI3Nn7d_Wk#$p`I$G<2aj( z^JWb%Yh{Qw>>-Gw|J&z+6=1YEn8X6`^uM4Ar5?Oa>HC4>(TQgsz5;#M z&TS|;0#Cxl8b(``KNU0&`c|mgSbP}$s=>NB3dt%kVjc3PlVPo$_r&>xu`ZK%!5#Jl zB3BX$87QK{;%hI&`122?0Rx55)5m3w!@M;YKbIu!ApHKd&hY0i60PU`%w2ywePdJl zSO4{kS&PxUEBU`e%$t1_hJ-G@MqmCROXfWy%*nZoAKmu884+nL#88phr`vcec=`;q zvWL?2$E88@{D`qgb4!Dj7af1P*5v=oAmw@9E}&U{j+^u(P9)ndP~y#|GnvX+_k>%m z`2~@SIm`V-{iFD)qCz#->r~;_17V)GYP(^_(l@CH+m54lrPmZHc_W#0>Dd{Jasj-q zc_Xc0>u7Py-a=LQKA7-3KSz+(q2-J~8%@@dBq@Oik-UbVHTGr|fZ$LjQBtz`D3Q>Q zS%EaypUEna-O1w1)Mj~M^J^$`L9gj=`yJ`hdauXWW9N5Pk<;Uz%lJw*DshtLUUl;Q zEfM?}sd7aeUP#0qr3>|N6jX;l1S-*|2HY80OI^(mGmF5k zs1R9|ue_KlMM6Jo`mcN}kldO0Bg*3Oew=mZfbg4COU}5%DpEyGJOarYh5;qUJBnYS zqxEWn7qLNRU%n60CP(~!Zza{BJDl@S3@*s`-wQ6oE;yFWDj47CpXVoNSGnbL^3g}o z#d6LCnmI_(eApli`+R~QAdLzr44I#6t(0+Q2J_~2Ze>Yi`y+~R)dH4R^P~U$KlJqK zM}y(?=e1A6@N_yHa(u44kZ`;|%;tC~e(SqeXuu!+-Onk%O~OCaiBVaXPg0&N>bnuw ztgfG=z=+qdIUedzo8EG(L?tq1gl{61(a0Lcs~q#AF~{4cvGz3*j?QFGi?d_(*mPxehn-(xs1dbd2+cg@;~RX zNrpk~)nsoEIPgAUn8^;H>d8}PH^hBIEja0LXq#?V$(k*Zo^v%{<6Zv+`zQ@}wom08 zj{G`D&EE%n)Q_|3>D7ztoud6Gy$eR>1J6-&Kb{zO62;shK1%xnLId`P50nYET8>do(eOx_q>l ztw}Z{)L3jkJH>Ys{P8FsUGE~CW|{4G*t|a!H{ef7u`1y3{kYLP# zcwv*CoJf&ZOo;Q9e;;eZ$7O3%T;z>4Hq#MKlBAnGhD zDJ5#>N`N!Mye_Yh&UgbGWDomDYey-YX&HnI! z!8ZW7B?9+w{{9UgaP2eujql_dPUznmGeZ7(Q+9ZxJ`{E&K;%%N`IlgK|LiRlND!T^ zGg)JmU1d0lo)1Dp&h~h`Ih{Nk8=A5IE$QXm^^q`iqgbl%N174wtLrY#m-O3UN8~ut zyu3UXBnUlrFUR}C|h;YrWQM@V|n za*qD|jFDpz=L%IZGyPz;-8ziaAw^T%H!9N{dNar{o}NQ2ly;x%^;PCyd?+45V3Mk+ zF0gI*^C=YVW%HM=J6CUnz<2wN&QM-EwU{*C^JD=-u5_m$8V8L@U2e>Nh?vu_j0juN z@jD?!lI9W9!=slU&(%pZLNF}W>PZ*ad7c#>ClMdoO$P!&OU=eD#eL^;?PGJ)>`o8n zS%=ze@K9xALDx7*Ryhg&21!5mCk!&P$T}$U(|&c${}r?NZb?*~isDt{TpRqGdweTy z*lDZZ6dxyn!OA}tkXZgTF_DnMW%KHYN;} z7n6Qrznx#n6QWplFMqlGwVJEFz}{3}aGYeYWH<5@0w8i0{|5k}Ds`mqqO61+l6fpC zkh0N(+&AaRcG&#zsy{0kLAFlWGwFRm#P8UDlFP#b#y=6`Hy11pdHD5N_iQZ0bgRAp zP|K5sy))a>JUrH!}KAhx)=;hW8ej)r0_}x1er0Ca-#gRCgb+c&Sd?+t;kb7 z1cvDr*-qg%Y=BTBm zr6Rx&>ujbKVWloW&C{eX1$s$^9J#Bnkk^es0)g4%@&eT1cY|XZXiF4jWIh7#kMObW zq{T&p7i?^)U^6Nb8sg3t%3(pj>Mw0?Z}%_3%>Z6`f!#8s97c}whr-h(sna_QkU8^Uh=^c zLGr%a&JvSj`%#7j>RMP7i$kP7Ad6vtV7Cl6dHWu~F+PHa-Poa!O)JW72vyil28b14t^GPZ^LF0<#r{ zLNGrbQs46lPOo#T^$U2c^z3X>m!-kKK-BXK*(i$eWvXti<#T#4{LqJJ@)nN7u=FKdDzY;)X|wR1>%w?dsK5eFP)|%2hhef zzxSQEyPJueB2eG5$&7{pv@;pC|nkj;Z|;Izyvd$#_HWf_S4pl2^tc!TBJr zzbNXsTJkQ@hnWucub<6N3IaV=GHGQL65R0D<3`MF-xzj?=W)8j(rgSzzMPk^s9Qv3 zFt4)k`c{2>K3_xomQnBNAuYT80{5>IKyWp?Jb86VjEB*xas2dlm}@Lu%qL%RIFJ${ zE?HAmK&BJU6sb3Qi{1yv{}%fB6x=Au$vaTx_Mw#kaF5gCCw|lY=}^okNWzQhmS9~t zH0S6N)f^@)k@I*KgT`@W{bTo_0hewRhV+hnsW4)!FI%Totzx%3G`|obbSzm?qOAdx zPjY-O=eHt6J$2&Bw(65AHm!TM^p}8@R#G1}W0BcX&muAS#R2#V>MKhMIyg|W&^V<3 z2E%!})u_;wKqRd6moJL={4uR|QSaYa?VBLm>!^(@oW*}H#k(`Vo5`NFdMYRE(}R2G zv^0wy!mhS5hPE_&@)jP9ej#3&-oZRA5!LVGgSQ8n zD_c#4)wV`+Y$2H8Sd9st#(?4}uBsaM%&XH1=!|JJJPl#MI%f0&eyTBi*apuhmH>xA zyL>b15v~1-NyPAY6G>tVU~2I&&(=j9Dx(Pnh8*+W^jFRLgboYG!PL(ZP}ln?g!7%G zu6Msy5(`mUV(*f1SwoG578KCcidhAK<`Q+7v>ngV+$ z#(U{^3~I@W7h$Xu*i?dV=W&GfC zRd7EE$Jjp4hoTPKu8bsxky!}SfjjYumBg_HGUlMXr$!9jTNqcXix}!h>NfT2J-{S~ z0ROD=1ZsYc&^-jaw_m_Wf|KU15t3Bb9G6i6O9jGI3|b{uiE(Y=rcgP2cw4g%^UnQb z3^3?3noykyQf)p*Im2t!Gl%SD(yp{g)Qtj7m!rBAKUYYJ_uB*#HW;{{D$;w2V*NOc zZ;~}OY^^;WI?^D|w4E>C=4P5leKEboN5>yaDlkc5#%b7EnPn;&=XwWqK4i9^6aHP~ zb@=nvSY>37Q>i88iQh4$2_eBtx^U*X;yu92^HL+tNUjea!;s@tE|VO;8r+3Y2DEyf zuuixMgsx9~_6z1~BAo~?CM5Ez`$#x^D1%^(7Y{WNJd3gS!FSo~z=x!!;WFSrOfUMh zFV-E$j->0;D&0rJsl^&Ry&6#|t1#Z^oO;5o7OfaK$=i2%zVr>tek~cACq0%D(mS@!>9u^6Xeq`t1V@QBzYTQDdBNDLwc~&~@0n$Myl( ze=1W{*;4iH4Y9Qh?;nOAW#~A}*y*ntaX3CBB+N>8MLw266!mxRQ-$fb%ZL%Lu+)@PyW z#$EAZQD*h?4X?`qLFr=^9XzRny5(rLwKOKnQ8$|wjA%FTf4HC@uqyBi=i_;H|3nOC zLYyWP#6&ZL-Alppw_Ec}nx#@Q58DH|04udc1dzccWWqT}Sm9#Wg&GORW{A}(D|7)N ze>%5@Gt7dH+yLWnf4zdC)MjDTb+((M*^yhqB1*5d1FaDH>zZ z*M9ns=R5C^QK1vHsM?$aXX=f9kS$<39QaV%uS!UI(t_X7mH2{KCm$Xu@=d^0rDKTq-5)FTL<4plb}7e+rYD`@!5W>Z^^;=M0xn@uS^1u-)M1aXj#E4%-v*0vEy=S-N z_^ZapW%u9q^iJ#!=#;nj*ZpF=LRtb68=an1hm`f0?!)l@p6lWeNh9F(yyivo@fPRT zHgIC(QtMw8y$8nhtv~c<`hOV(x~&e1^iueIDA)V0cnqN!YG0vB`Lgmm@IdG$oi{qq z4LI@9xuD0OK(Wg-bHF&79_Z^ClR8OJp@H0be%Zqx7#EBL!5a92cq?D{nEs!L`{!Q~ zx7R^xb}D`sOTSfI;=C*NRk+F7q|(a_w;}frgfmP+GUwInAFqQAtye~Z3@fnH^6ToR zI!c6QzE58}qpfa$njnoK&qo8eOb?Ih!VV4a7YI0r!ZR|VDCd#8$7ErK!|Rm{YUl#u z1qh#KHK%hof7UOgg(`u%0%q8|q-*9>8;|)?abI1YDo4`mcsSs%m=6)Ia`DYk5)T&7 z=Xa|6Ne5z2<&@SsnKMY=uFlXbu#2WD!S(@zsJp8SE7%7=&~ST$JeGZDA%mdG&YN#S zTM|Y7vOfjMM;M}y$JWA9s=?N(1iBmgC&nxf6+n3uC-yjpY*NKxdP7-)C5_L3#)$j| zl^(lnSr>B-u04^ztv86AeMFSEZ~40K4qL|dTf_c(V^3DMqLF*55>8T) zYRZ3(C+80au8KuCcg~z!`CFHh5xzBM;>(Qudc+r%=9BSZB+C<_C)Ijo+ia*}C)I__ zHVPmgkjGb%!d06*-p+RXTm#S=&=y)o%r-i&uf6h>-0M{322$mOgWnA#`3P!dz!H#5 z(~e}Z&ICHg+OSAnYdONH^o24=;@-Jt$4p}Vg@}8ucz^^;@bA_SwWNO6tMqf9NNyeb zafX=fiO|{xW?>1Sj|l$bIp{!|_2k3e(Fr4(Dd3x!WO$ z)LTLVP!g1rc6VkxuOfWWy|7_DW6PdKB1n{~Dvx6eBXP-OR@N3ndm-WAX z@b*M3&@q$yVwNN5XVLUwNHg1=#S&p$Ps;cy;nwT=0blve$GaoG3!uj;wj8?DarD!h zOiMLFK-57*qCXCmjDNS-DZ!`|CQU-$_Y-VPToJ@d6lkGrOaUmYbFie=gp29D06OWB zGsl1$o1aSi?_9fX3(K_`CuEqmG=aT1RnCl6DgtX;q#ldTed|a{p^J%>>Rm!m;G)mF zBsM1Yw-r<{gq9?iTd{D$z}uY}CNqnOa{=D`gJA#JroQ8DsL)CclXnA(E8>@QEL;C@90T>g2Rg^G!2hQXekOe&#axbqHA{%cBL_k6fn!}nr7^yZm zAK_cZ-@l!ngv2qh&^!VIY{)Y6=j`{9%DKV<6%yC_3k_D4!Gus4I}BDP6?`}Ym?Ej` zvKN|Y)#F-SSKAkH^xl)r%mssGvmfzUdKP=0pna1a|NC?)j=w!o&TtIw`<2lx%6)?fyjle^;oi&r+Hm)K{~8zMDRBD zrJhgqXgWua-PuyF1=Z(jjNASB+7V;mX+08$-h1I}7L+yyqbFPQQrQfdfJ#R>DvMxY zJSOjreviM@CY&J5v@l$#>h ze;KYLH}?Zg{|5!=?zT{p^ix}(#t|sB0fzu1gSiZFoP$x4fXfzy@NCh0Vcdn@Z6u%- z6z3k|s8G|?mRIuIJ=n9#vTR3;(ym^{eB9I-+#9QX9sm&jHshN2;+}gXoDRq;su@>A zqbyz>I|zV|Y(%3p*>!|L!|)A5%gpRRA01DPwe`btAKi3~@9P+?{R-O}eQaBH#NMmG zPdpxn26zUQgJ@TTPvSrW{uAOV%aRT2%9=fn$PYH1UvB@RN;@h`v0n~Q_?|adQal~1 z>6RgBOD!=jbhYRbLr4fOLW77~?|Eeds23Yuk7%^BQLt)zgp;d*;dFHlN-$tm7Pbi_ z#R!HK@Zr1;Llgf86R6&~-D@}gFcA|~EG+v(3Abt(ZDJFo6`OjdFi+eU)6>^QJ`HL^ zQ5$LI^6o~mMFmthn=QLV@AK47BRPvc*?-~H)80<9XF6v2P^dgJTAEn?@HfhahgPK} zcb@b38XoHH>Q`uQI>P5rSA|KM%Nnl6;kYCW+HD_s|85IPexg(<38Lx??)slT zP%W9G7i3o;ehV|M`o=VxT<2P;o(d-QU<#GbD`)nMp;%Z;G3Zb|`huYY|B`YJILOLD z@WD@zi(V$tt8l87lGv8mrK!E~F{lWV$#Esgq(P#{WyqM1`Kw-k;mcLn9Zr;kwD~jK zB}%Ka`rWRvZ##PF+X?#Sup6lZB^#g%30w+n@S(I$;4Dy8O_;iN>&m%UTPD^-&|z6 zcW?|%-(sr-x)eH1C8}7RiCG>bSBVy`0U2ulTApGGoyr$zr0^%N{GAw!upG6n*L&in zN7Gi$bQq`{uAsB5YBtDyVZR7Yf>S2oiV7Xyco|pdyx@T zc(hB@;GYPZf5p`z5MP!#fmbx&~aCNY_F=tJ#b14uaGW}uZ(ZR z>#uJz4#t4fz4aOy&jo&i#@*RL5L3qAZqXMuc^3SnoT43r3{Wc!wY7JmRsEjm65|5< z-PBP2Px;qLIax2rZa3v;O`87Zwe3AgD)`y#5lS^0?=mXEiHxh&+lV*}_Y?;oXJZ!h zrn7(C+>%-<_L?U`;1RXh->QCLq>nZqe6FBKWI4e8uzY5@r0k~F57qkPd*~zb=k-O| zZrfRz@vM;BQB#e}1I~QDk(i9)-%rBFa~)shV@b!0v3s#b!_bYb2$8G7@g#3w>k;3v zv$pWi5nDuTIYpd5C>B*lb0x%9sryTNk%ylzDHicDkpw>k+C{jUZ`2&nB&bsVS^gg6 z2Ffht=M`~~KveI;L*`4_xXP;wlZ$pXzs@xIqdinJ$+&ZQwzkGp3yMC1r6O|SXlo~p zz5XOTI04t4_|DDarALpUgufifHQI?~LbD zT_N0%I8wKL$YZLR$4W3lrWQeuVdpjlXU@=0`g$cvH)B!KMfnh|Q4m(dpa+_NIJ|sy zv`5c&(XRT8{#-t8e*xo7rY{kC&eW3Z8pHRymozpVK*^WHk?-X;JqjJC`f}&~g7PP4 zfDatB%6kvz#{JevN|@B&kkxvQiot45I~A8Yg-!{RVtf#^OURNaapmQLlaIZer%2nS zzl7y(4H6m1-7an{_44iXzDV{uIY*2ye79x5AmL3W6LKda3k3)o-44#13WFEN&m<6E zuE05O$6Fq&Yba7=n&E!Gw)b5u+B%s^ykyWqE4xAHE=jbxG$+HI|9(?7?AzRlEf`!; z@d86A1%s-S*hnMveA4$>d-=wgYz*AjC-jv5;}x)~^?}BmRf)ljqD0fNOt!yh1w*sMt_liSYBNWchxbRjDHF$N+Bo1fxei+5{tVyzzuZ>i z;_=-g)XWi>jB|d{?S2*G$Q)Rt`bxysIvQ^)v)8cciUqm7)8uCSywpVpMzz(_SP1MZ z^oTD%KG^boGj|PGd8%2YCx&!sGmwU=l!c<4PVn>tOcXxf?Dlo=m>}{x5N!*Hi(=kk zOD=bFIbLqcqueAFe|>co`&ldPrwQ^~ge1egWO?uQaVwG>{`UG%&y*Lu+h6e1T?kx8 zi8J1n@%(*CK&Y|xMgAg=x|+?fnW!=^&+m5dZK6Xj)*XA|*FX!i2=R~Mt`AGzI8d%+ z`Pmc4DqLucBo0(@F&P({$DHsOH!gkKpjhNc3pTUJFj}6pSGst$jxvsX-S*)`@ZnXv zDmT5H#*?IUBUcoDqC0jtN`@1BTE9eOQ8hAhcuHTt`x7~dndhGUA!f%K9KEV246lle z1U`z9r#R*=GtZ~gZZ^L9;3pI5yibaO#$3oLjcF4;r8kXs+j#0g=Vqg@t(ijmV&Xn9 zO{pzaVDhZn0B`NP%ZQ2fB!^t>M2P0l8mH&(Qjr24o>$;_iF!TIkImQHXKie5K99>& z->fDJ!C-ghMK78GPK9)Wfl?8pOa(Sv$tE#8`(Z3&#JVNLkz}6k4#F&G?+#xF4bdL%7Lt>Py1OIVw`pxSXpt%4L4b zElrZmI_+cv4m)+vlTTZ;lSt9uUc?A7&D-`RtQ{Erb&Gy-5XCW|P(=75VTpq>0W%IA zDdEtqa|Nvw{8_v_*3vhLhD3QRR4l$el)x{@a%3-~+A3FHV;=1-Sg-n$5zyb>ff&he zSdK%Q>PrNt^Fk-NR}Ix&ujKXfRnZpr15P6jO8M?;;>^&tlE|PpuW$=IC-cS16(9E} z#|s^&&XAIl9~G6aht#Lb{9jx1x764fdg!dFw$ z|1q<|S3uZ*YGwYHDv$qrQWN8WGMD>Cy&A7Wi5KHj`>FE5PF&nRTWw#cTooTlg@n~I zU0KocrFPOapDbik4*MS;2FYnQrt@Q=VdYO0$_>FFP0IK2GeiZIW5Q?AfCKB(tvf&K z3P!R3f>chR`*cyY6Q2jvy5@Jt+rM+~=66Ig^bo>464Wp_* z@QK5Ke}xm(?fja>v9c?$eRA-N(H>aiWx;)zfRO-WhjF0&$ z$LxUw&z^+}~D{8lekh>+r@>P#Cn;rsG^P3)zOS%)gbM6s1 z@F@lKmg%;Ld(H;|kY+Hjll`Mr6sG#m^}B^?Od^p;P^x6}PkhaGfh*ne2V*s9iK27$ z9!Ey76E#&Bb8E|w-d*Ouq&85+hfkG9ayG!B7Ln^m!-lf^O#4rr;4S}k%wtVH$b1-^ z6)&O@ezqR{2g~e5E2DO+zj(V>iF&I4j>r~e$TMldR>Zxpd={~hLt(a*J+{+j1iaRy ztSI{51zQ=TMihX5|8s2ZJx7S7VUA_Qc`N;rS!t3yQm%gLj*bo7F9aRxwhU7ZrK^!Q zfd@{kdemeae13(*d=7Sg!3i(W*Ucyq68vCfN)2TWdv1@^1>g=b>!NhAsL494zf^uZ z1E(SqyHePhQ-p?uKV1t5xLEvgVd#9cm*}mu?&~Wq>QBAwX+kqKJzIXoQ~%bg6M5yl z{qg-z@}$9fSMkY%nLDol`gJ1ql9CCGsLxk!`yBI?>HDSZ^e%=05$;j~!QkY_?iC|Z zgPt~))(7Xj=Mh~rf4qvrYANp6Ns~1i&?EAu4qBp11rX(l!ZDQ)Lw;R1e`8X(GMO$; z+dZ0c)SVB(d@FXZvzF?ewR_^jQLMhD$`&tjZ0>wNS})X|iQd$n$}Ln|hY1-3% z$6ed~6YDC2qVRhj1&fE7<51`wW*mOj>;8J4x%PVW%Lqu^F7e~cYLU(45o((Pv}{8y zW{sUc8x5gLf}q6c_*V30$JpDvt;9#n>kB$Iwl%}wR$z>-IY@Ewedb7!t@wF*p_GR>G6y)gHpAy1di%nIpx0kmcz7 z={G;KSd&sHC*M=SN_;vjDJDUqMhh`qF$XBh3=Io}lAg5U^&~@qr|IHVqyf|=LsZ7@ zjY3b|&&wG)yt4E8BKVB6_)xV2EyTj!Q!T8|4K|nAu2S}R+WbqRn8?@=&xTsUdNu9`v;^r+(xJFZYp#Z^7N{e2=_Lxi{bXwdxSvEmW)I(x`W%> z4EXuRl~1H^Vm~)d|6uD?T3Yzr{gr&ATvNZmuKkcYb)39n^03)6j0bLa;k#$p|@Zv_~B)u5xx5gdDr-g2zBC5Ivvj5q*|K68%B9 zYH$1o;lR=OGG9!qk!=E5T2c^12Q%bF`VQX;ad-PSYJ<4#i~kg!vGAW4wUlh8UOqnR zQ5pP%f99J|5*L1N=@cvgJ%4Dk0(_y!d1AO=##W>aQ$O{zPNqd^sOg0 z^s#Ts91jXz46AN_=1J-ZDWHqN+Mt+ru2SdS^9;9pL&U}2s&{0&Sc};vptOLgJ|CFq zqzxjHnLXaSyN8y$BJtX3y`IKuDT>anJ7SZ9c%tDI#1SRASdm!m+Xqq7mQ|;&)V!_Etg) zMFY5soO6+^3%hF&tz}C67C4y|Lv>Q z{-M4zd^?b(+Z9pG)x%ztT4_n+Wm+N z^3c}677Yku&1a)MQo8TrkBl9Kl^182nU^c_*rp;?YCp8!**@dC$Sh0zs+NQJhKm-5 z-rtkj|Jm*`NyXX7wZcU-SZFRH4-;XNtO+58-$hxe8-2?C8poEz8 zTN`wL9XcM|VUy`yeHC(-1>iimA8e`K9j8B;EhdW;YOE#-ChZ%y4mTRJK4DN z4QYa+TOGnKEtcu5pSPcx;M1>XD~*@U5044E@f=!KZhqCM5j^0qUcS*iN2F)5fDTHy z+i9nbt5Gb`4D3&DCoWD(&04=2^hBq+w_b{F%WT_KpO;2D{JzK2s{oG3m>S?!tEW*g z!?f_PI-_)v#6kR`4!9n4@~2OUOTIgsS(7oJ<_B61L!BL*g`$!l=D9mqvN7^W?o#e` zFPB86%)jsIzkbi%Lx`?Jt>Q83C~^1c*ZDPAm#pzuiR=(FB8yHX>4vq=&H zJnPjd7ocqmZIlR2+ZxFVt5vejfE}dlBf1m%A1?r2`vqFS#`9#LI~~03HgS|!L=zOH z3?2ruv|-U5tn;UrDERQ9hB&f8c5inO4APF#CI9C8OFqA2$Cq3re+kK!z6FXjCRbvH zgjf#eRa>}l*J*JCYf_GcNBRg?SM&&1T<9el@kkH0H+p;jvq0sO#UE1IL?U2WD7=aY z*Rgl}o8<@~HXdc=3@1rUA}L)LcGG1k+}4xQz+Zs|OmIe`qU>nZiB{-v4HQAaG-S-*K zefe+-B~r?b0?;mAy233>umzyQy{ZO0Qov^Sp8)mpT*3{TuUd{f;(>OWj$}oYeVhXn zo{!>Z;N%n%k2ekUcIr}!ezUh66&_j5JG7qL#_jz$Ob4D ztwMq$O5@il90tI2^{x)yElsPNpzF?CqkN^b6s!4~;uV63YAhOwC;)hX?&L2JOcWV+ z_z?)UCdv0-gSOm3I20ZSx*MZFog*z6ab8nt$&DrT6KLYAr72HxTfCN2AV;>s=IFC` zf+y+YG=G+PRN`Fyza)PfGN;bzRhxI~RAZBQl5a>U2-8HO(CR!>m}V}$R3^E2^C}Dj z!}%xYi-D`O5T;dr_@Lkibe9;}8jJC`jd+*;@O}xYq+@q!zu-j{S62iUPD)Hg~p7vna zb1r`sra0fMOh2h`pKOS9zo7vE@=!-%CTzKwtUM9#O9)06%ID|vyEngfbueCQNJL8Q zPH-Ck2*0K8~+jxLpjAxY=}<1gJu1P$bl_=gT#BFl!Aj0*Bts>aN8XnO}lV<&<-HEaDC| zKaZAMBT@$pq8g~2$b1C090mnEG#ZO7W$5kospswN+V8cdn$mAyO;}#6y%4lXYaN4( zrQRw&o;NXSBN}|OcK@x#yTrzb0l&i-a(ymBs^9L@RBqg{WX_7v^)ztX3B4EY{2dIf z3zqv*&ag^~C;jGIp8);SolaYuOl2$aCZeY*2NfpIi=W((vdi_f$G>;&+!4kg8A@vP zN>RS#!beD*N%9SQ*+;4J4Q8c%X{nf8pr2?``!rTfJ&8ajwts<1{m}UJw8&2hfsQggxC@$&b*NZRB)eaNmrv*g($F6{wg=B^>` zBbIhm8D%h`Mio|beaSg#>esbl-D1A^u1f^#De*xHY}p6dty02xP(Mjg)-aA&!<0|1 zUY!F#_AjJf{eDj(tmj=TP=Eww-RY!{Tuys?Qm2mHA$V8r9got_(VA$J! zqjG(y7~s(zx7m#eL-JpE-DrZ+zmgjnZ9v&0ep^)75cea{*D7Jfy8x$3`WEQEO;w91 zj3ubs8t5k7Y7pL&(fHI!3)Z!FS2reBrEQ~tC+9`g%;|g}g>hs_Av-GuZRD#EXnlK3 z*%{pUMa40t{OUVZ3=cYmhZ+&qNXw9dnX&Rp0{QnFQ%PzO8~I?efPZ*~Wxz9B+_BT> zJ;`4J*in|U8bF&%sf10ZkIR@+XJy-7BQoFox`-y$c+C@lX>(0jGY#Pqj<7Du6dQPa z>YFWld_UocU*|kr=~|WJMlz5IWD1K`^8qUXMEZ@0)cdeAcd1NaQV6^G8oEV8snnrK z3SDen*RA z+J>L=3V^$PTt>l#p7f``V~l%3KR9zoY$V2U)&8dPw9k+!3n}qO4`pj*$^!~JeRJ2{ zLIjHNxmhfTd_%_J97cGvFyM;l>Wz6=VV|10XSHi0w)i4@%^0OwXCwhLy2*QBSJTge z{zdV^4*E%Q6j@19mRTp~S!NegNY~kC>shABD^3+0f1O{=l_Jz`ncMOf7`~{M$2zw_ zHyiEE9+JVKfFd_HPmZTMDjo^wiB5ANATStH-l}~I?LTN=ZRgw7(fwT<^1&9+_DtcCqW4Izo(+Fm<%UTOc0X2$dU8t~3mV4wrdNpUJ-X{s zlP&XMe*-$wJ&tDp`=KVoiX&%Be44o{qCwpzAF)E7=LQSUo%*+HdVf{ja^ECR}6p`Wb{X_;uRJ~Egzx7S1VZ82hiK1F8Gw113qE+g* zDE+|0=go?*2(XyJDt{5J^_pP%UpAk7_r3Of?a8O09Ws?iNg`sU zNA9zvO9r7 z_VC(9!%)PJa@U~4kgl|hRD)g03yk>tOeimk+rXvSxk?k0+_A?9&Hhk1qnqrwUPBYu zE3fUIAwrwx2JnNpGZZA;LPgSpI_YL9u7Twy)`WKRL0qobM0vuIUU_OVb9#!<>$^TD z!*cAZ+?EJB(u)t-iTqu|Ud9Z;+^U%LtKLNn2uW{!H~Z}OrT8ut?RKTt7{`yWj&&Wx+G_}~-a ziVe;Z`imT@$}R21MK_7`IzV2IR~#4mqfL_ff#*#8BbHQc`q$_JBJ#uFJbvn zk&3#P(w*@5@v`QqEb{8 zC&KRpp~tqxu*8;?_6OEV6Dx3zZ1G-D2T(R0nOxOlN#DYpeK;oqR@lu1O>1-cB8Xo@2zh!#nNSFo*z^ zKXW!iwX|23#A|MJ-KWO22xf^;X~Dbk4?rE-iUSrMd`O<9S$S0)+uEhscYiA?P-A8z z=kB})V!m%)SAQ>Z>tLd4tMu5P!})&Y)@+hEDDBm3Fq;7yyT1J6qu%?25jSbdE@W}1 z{Y={mjs?+10dUd8TqqkQTNFQv{RgdEAnl3Lf<#gCLx&(v9K!c=KfplkCS zei8>pc;0NNEBr>fr4Ek?8|RVa?Tda+^QYM@Dbh5tE>!EdcfSV}zW+~wB;f!3fe>0F zQNEw{2QC!m5f$Ou#w1^qXW42EX3ff|f`q~%o(OxqY}x0;v&_USIsy9Mg3I>$rD0l= zp4M;!ooL^kZq*2h6p)mkNRv}LBLnI$W8VmDs_H>29+xd;2|G8I8pPff0vQ>Z(?1@| zgWxTHE3E&i6mFy-6ocf=^%S;5DETN|nt|!L(?6QHuT@o5-TlfNv7UNZ&bn5-Ch%a$ zaC->&uogM|X^tqD)foFBs?2o%-1mJ*XbDNe(r2|i)TBOI6V1PSoubMQ;H`Vs=|V{L zaonKj%FX#`B1>SpV(s+8f+Dq_mTV^eS|QA6_!F=Ae#5Im+4sODEuH-{Y@RdvIahQ; z_-~VdiZS3Ir?SPw4jrhO1ljuwBzlz~IQ|Q0%BQf!2doeR&5_?y2ozYqHE=-YfTQ>9 zo@#P=w+{EzZqjgSex7w-ih=k(TOP7YHzR z8Tcat0usq3NuE?JMy)!qVW0JU2o^<%XO8z_lWex2o^s+`IciR(uMX8*&|xy>x?$_@ zfFs@SHq%A!2Md;@4?xRl0lbldvP7akJMc!ksEOVbQ8j`2IF^6Z*MoB2Og7Kr1l@L# zLkc)#ftlC;$JSRyMWME9(~N`+Db3J=64KpLQX(NOB_$0yAl=>4Ehr_O(hUlNG}0yA zoqo^k_v~}_e%JR0)>4-k-pt{-ZFf z+;dZ!9_mAQv@~&H#mtsQgOmA6Ar2LOgmN0cJxK&TpsFc{?$hk$EO`I%OyM#QBfADZ z2r#{@=9}CC_n(I_F2wTI==l)&UwaM+(e+dPK8Lo zdVlLBr+-}J2X@dT*psd&N8V<;Rw<@q&L>o(NN6EeMORsh^!qJzZu#^W6GH&vb1P z&d5m`VLd*AgTB>_CQ6a_)(E5ohc1$-Cj2qtFi&vtnEu@Edk@B2dE8A8c`+gSeuFPy zO7$jI4vuokL{Y*3o2OIzCPh%3Q_8yMWmXxTYws$7>Ie;d5&7dbYUO>FO=gw!hkYo% zUV~;}(@W1sjhminP=Mys2jLK_XLa35&69L?fBzTxnKpX zn?3)vf|>tWLGA74)<;IL0!#r2KFTz*w2+CCZp>CQVBIn4Bcp0nzUdAlJ_0D%RG#gF z7Qy|dlc<2`u4}49tH9ll9nC_?i~<+nt@Ud4@eXZZI?FwuvF`c_duo| z-bNzBP{%P8AC}MsV!%K5kZ3XN3uGv`-qJchV6qLN2bufV2nzlmmQ=K^@0&u(W$L&| z*1;*DJbhw{6otk`ugUh)lrPj}|4|@A2|smVeV157%Orv5{lFKd{1g2XGc-%}uG?D2 zdI^Q|lU-egRE5`jWq5~3LC?`+Ppv9@*$KpBPqh`3RL;6dI1UzBP!5%2MC8Ro-qJlI za`9fY@^^)aaOOnSEu|xR%J^(RP@wj(NfLt#^5A@Xl7p6--;%kHDn!_nuFmuNt#ptt z(iJGn;M{LRmCvOGLNqp6OO91^|tJ=EK83+o0JYwJ#zdob= zh()*GYZh(5;DvHBZBy3#x{1J{Glo5JC!8%)K=%k!=*b4RSxtuz+82sEf#5_OePYRw zu3wF4)7{y6+%^-BrR@-0%AQV)X-e5ha`Pr#_md6dA2g~s>AgLJ>=>3I!u~|4$f&ps zmb5vg!$&?C_}|*DnI-^Pt(j zjgitu>|T?J`U>|o=arY@*%Yz!GA8*Wd0O|KieC4?gjpcTcXYX)g>Yqx&;6NEI*hXS zk@x+9MwyPG=c%R}K+Zoi61dOw8E_ox6r!i9EL5w+M;L)u{K90;qTbNKi7Z!}htL;= zU4&rsBuf(hHu`gw<40Ym(KOQb`k3Wi671Lo- zN`@VrNls~2p4doiwH0HaL1%eljd8?l4`lr?@H>VdQx}->7+VUENPTtC4{%lnjPWK3 zo+V-TcJv3NN-<1CWZF`m;>z6@Lr~|P&OVL+7t;N>af}G`gBwTs*!x@=GFRV0T37j` zeV*pPSl+BY$EC6-=M}H3X@DUQ>Jr?=nocM5jv5zkRlJVV7LpZCfPid1V2aA7lPn3samji5>SgBv zSEuL23Lu;E#D7PyLZbr_I->d1l*v9IsyvllJqPlt{PBMz=1}R@JFq!;GNA`j66wo; z2t|*;^iS^t`NS$53cdlTIILbU@B_m-oQ@^x-(q6GRhbn0cZB!M%t;V;P-Eya-=^6z*9*+9GoK4haz6omWyI<*c zp!XAdZYdP;uKx{c4>CW&=7CJdIW3tiohVsB?^!xHv_qxe0z?If=iK`Bmt#VJDVb1L z9!|K%ZI@UHe2DS=&bN_!1{K&c-7{)-s!E)W&KOU$Ni*;KLn^XVMNc)3$*A#@158Jn ztjAebYyq`^QV{5=4!&I%hu?uYi4s|W3C z2I2NyWbaTbnZ#r|hJ^cGklWo~Y)2-*7J8DrVbaVi>}Ut{{3hL%vO#Ilnv0~phERrt z)SI-Av6?L2oRY#W`)!)2oydYO+rXwP@z62j^;BYsgm-5r`Y&M^=2D8ESnn$G1wBJC zh}=Q6rzagF@t}8W!DqnN0`Ce0oUXsWcDnkRQ_@VL_tBeeN$EPlQ!}J$`kTp5@quBH3IR(|JcLw3&9)_MRlET~2(EWCd+uO~GZ_nkEQpfMCv8o&%nJucUhUh8+0;@B^SvwsD6-V^oX zG%BzC-c~apvc@uv8?An$f~daO?bsT_V0<$oq@d)Q|G4Ky{- z37U@f_e+d7Od|n`%3SK%bOzWZ5`^!tQ4GXu-An5c- zhVK0$NImtz`=Zq9%S!^(E~Ynao-EXS+G7sU;WqDqdg*VEklePHe!)q}S?O1g6yl7;kvsDK49&&wq5q0Ryp zh)qX*2cwrnA54!x%6iej7&ns?X1nN%ten((yK5g*F6n0Uej_JXNuHGH$d{`{Ae07< z@0;TvOt6Cx?E@9zh1r4Kxkhb7Z*A1@O{Z7ALdFx*poV*0N1!HQ(IoEB8Fav90|~tb z0<~5TR_-!^Z`#AfaX^`Uxe^TJAFcPj17($gXxNFJgjO3g6CDLJ9@i+E2*>)O9qnGg zN}C#q8NNuDgMairtWxoS7Y&gIPl(ShgYRL9;bpSNXkMvT4B;>;Fdbe({L6Z7aT=}x3z+}GDtaEKhz`sHrxG*hPO=`=5Rzp55j-Q`4<zW%OI}7=}V?(vqciG?9a- zeL4}hopW5(N;b(LK0k(HovKf?Uma}y7kw=#G8uG~7ME5$zGW3n`|WS^4|M9srrh5j8tc5YXIz(sILleyl0~9~zpi^iE8a2!G6Su%~-_gY!z~Sd09ikXxCh(WTuf7k+ z<}D+0P>yXJGG}T+epf!CPcE2V4#X%eGBL%hNdezp612are%9iXV$Fcd?C_^yIHjNeZLoWCr z>|`@mjyjZ-EKe&~p3KDsRvCUk5F>Vw>l;%tu8oX;49&D;2Y&T1en*lSM~y%Gm=+Rwas>N=LdF#)sedK@=Q5f$k`v+|;x`$MdyQ4iG0{0lC zxnJBV+8n~hOji06=YK~GN_Iotkr$HkBrbMhe{P)Pe~s}G3W>nH7BBso{U;>O+UOA? ztZzTK_1-m}bkgHrdpBJ%W= z@sJoDGhx3(NF_rQjre?oFU$*86m4^hP*7kgCycx=Gx`MFporc+FF9vsltKZ+mkffX zx(qk1&ibc4fh$G))cSOPT_Il_Nr}$1<=3fX{U3A7*P^0br$|Bz&tv55m73o^x2LF5 z>4rB?2tV+%l@_FY@sw0lpk-98H#e8A3d{9$F6vfeyZ58X=#M$2_q$$GK28OnN6RBT zGuF~)R!()Q%HRiz3AS@&^+v3^n2Vn>O{j0(-4h<3xNHo!f2_!RjSv{G5-f>xrXFn5 zbPp5ryn<^eRnMNj(1nHJ2_2r@oR)dxx}lvuJTCb3p^$m2w9CBDGnXYMOrVfCy zWi(b#>K(ckA(K)FMp(j}b~CYP8w%+|$KB_~j>lw^m9H62EM;Y?N>=NvKE~y|z63dG zlv|o+#DadSVl{?Ht-Fo;m~hoB_G#}k=5^%r$lf5C=y!#)K^l}CKK#Ao!>!_!+Rd#g z;Kw1vqCe6UI71?=XPyGfZYMwGMBBaOq^al$YY9J(?VFEZoED@jZt*kRXOlmh`tXH+ z)sY)M(H7o2S^mR)|H2Nt8VBFf$R4+=&V;JT6-B4qb_(;F{zZIQAI}yf(1~&kOlN&?+iiY^Q&e3R*>cQ=>6btNq~KuTzewie5{0cJ7~SSBo`9@QWed(HA+ zryph`^Pwn$Za>U$r<0L2n|(Gql@O1EgA#L}o#l^t>09Q26^x5&26gIBDl z--WMOlabsI(V#h~VhKVRQhk#iagot`KwmezoaRL8^oSaR>c+tNREhj@E5MfAVUAEJj;86VKGpB4G`5>Q?f?USwQoSj7AJiW& z_uiuK7a8A%KiXUz7$JERwCX>lUxt2mn%_83lM|=wfW;>6RA7I_uf~yt{d_RP@ux03 z;i3X>FcxR{4uv#$j20cm=^UiIg8s$jIipvAcL(Zgc< zB6It@^82W$-(Wkk%{3xd2|dT4_U{I0(tFSCIjg9%G&!5}UuM};5K7*3VKKk*@x`Z= zy$a~8Cfu#bd1^^fu31JD?cS224cIj}h7a@|e68G{I#$-xCg82lR+t7Gd^p>OuxSpp z$B4_Gk=NWVHR5EO{0uH?)FOX9QKb3EdCp%6w^w6yKpzk0Ltq<9y}$gkMW&ioYX!Y` zeECt^`FYPfL6QZ9sNz`f8G%ySsFXQ+{FN9{?fQMYVnXWrMML~9ANS2fKIvu`(IW9p zgcwB4W{3IQc5w|;(oU`n;ooeAofBfeldCB5>6;y7#1%}mVAer3~$R3%D~`1 zjl&AF7qaW}K$;ZdtZ-rlB-AIB4_Yq=?Umv^z0W!CuD)euhuq zh9)?96P~QG5+^Oxy!gJ+Li6QrJ|H_MLUuTmdSpkh$@}oIf=v(a^^noM@9z3l`s&nK zRW9cFZ=wYa86|JShO+W!-mWI8>WRN^S3NrH$Xbo?!ZlyrWXo5$-7@}&HmQ~zhitsR zQnmCjw zgpDg@_Ue3}!@lM6(;VaGenp!CrljOW@K%5FTPdZNrzH^&FFCvpu^WK?i()4)eh@mp zN<9yK`u)B1vZkZ3H}g$88b*a30?7M-%6pFsnQoQk#T)R>naqphBA@dLYIznI8psyV zlx~w(u>sK@NU`C?UR$$PRzkNypGXN-MT`-e$rHoHHcIW=j_n#QEySrCmIu|eIr2VE zep%oLxdGZ7eDCRg;_N;6vUCSc@iyL)w42{;1x(5i_q4R~JuvkoZ5$HVzW>QxJ8jsO z5}Pc?CGPcsFY4>|z5iGECWZZ03>x0A((940D0 z?`W7NgLzJ=C?m+fDKsOfsl`Y0M@9KMSs*Q#z5 z<`}+V={8(Bpy}$CGnm}9(t|O>+cnsRq%Myhh`Z@e%xc2M`q28@#wf=NrV(!e=4$Kg zl(n1o$P@p1<9axV-W=b!V22=}7(@flU6Y-og&dhB8`4%pt=4T=aw` z{+qxhijS9%Z+Ra>Coe{o&X-PGVQO-A!>0O#3*_k#!IyS+rRnhH(BJJ(e(S+PB#PP% zJr189FH&7emS3H2Q>YVNOF26M6~y1ZgnQgMr(waW$=nj3u>w>$N6i?1BiG0>%j_ya zcSP)FWtV#+n{!?L4!E1%59I6pde+Xds-`^M+)yvm%I+#n9NB;NL3|+Trg?r)hh^C1fk2LWkj>Q(A%=VM)TW2MhapMKUwI5$#= z>AlHq?~l_XAEAd|l4I!FkXmMROluwJ&k5PahRlyMY9RX5cCW__1Xt93`0eLs7tOC> zbO)4yyLbH?(jva?xNIS}pevXf3vZhRe zU8VpPCk7Lj}0NjEL>3BwN-L(W`DYP-;8(Ij;R*r=q! zOneDv`HWxvvIi40m}QtAQ8jri8#_45PLWEj-yH;t_a#3uU3Mhbrl|sBl79D7>o?;Y zYX4*&>)(?03ICkX=XVI$d4>A2GTQ!Gz8}K7;mA`0r9mz5xYLZ)de#m{-jmaQ0%B>H zmf_dUJ>C>{0ool6hSr#@2kMEkZxh{OP@DiK@W`JUYgAhbbIkGPJe+00G8u@Gt!=I%_bSv z-p!lPU5V!m!}#>te%3F8VsAEedeB1~p=(s~u&x0K@$M`!{tDA8Zd6d5qlzVHMONy` zsZ|~m3!+pUjkvli`^EHr-#WT*PraTm{^ZB+F0`1}(c}brBjHRgPp*_=jo1pCgGZ(7 zbJ-l-TYha*?#IOXbaUq-^-e0)H~}Ebb4P1J1Ao^PGnTbO|4>o10nYwjT-Ar25)j&l z3&>n!UbEB`XtL?Q^si`Ms1_C0sXoRrrawS=PV6~ac7W6Vs^ZNw7yS)-(zC9JAg+yx zS0+HlC@J+^B}0hp=r=-vroyyWmgwVLg{d5U#5pKbe#e0oo$OC`BIo{ucuJ-7;T$d| zPuY-^g#36=WIIKToqk|OZY$Xc+roZg;ju1(=IhegMiv_APZ)JC*0!s{|J7Bm_}z1N zEY4$Sm4>UUr5y^~+|RIT&h7n-gMAQ)~INBVCnSf{cR!h$zht zWwjen&Aaf=I!McgI$d|t5l?iRG)V{xmImG3hOWIMNOsmo$6BK39Y3fr=|8{^`M|I9 z^}X^ZA(hnFf!Xk-C1#nLM_Z9pcOTYT;*y=)b3>ct6W1SY;dWqt%_-;v$`2K+$4Xh1 zz1;~F#{~z;a?D}*oAW!NCss8IpsDm8gUtWk;sz#N9 zLAwpq5^aoM)ICkxgnG^%jq3gK@kf;Au~(FnfcPz>epGQHa^?ZorWIdUexese!kkB@ zIYi-K_J#XbL8d^y>q+n~uvr$ruyDQv`p08cUUoy)WpxjfxFdMCo~-<&DNxtf5E=Ps z*F$}Z!nJ}{UNKqFYQv}H8DayUDmTtQRg>a;^{(Jk^rfB2jq0a-&};1DlMyz|F8j~9 zjlUy+BhD?BtarTcKx$JaN_uJHhpnrWqU8;B@y3_QCX8J-FeYhW7VZ4*;m4E+C2r3o zNBh9tDvKe$ncLgrx!%O*C=32Xza|{+Q(~{*p9BrkrONpcG0(M7=Ino84S`C|Vw5W5lbs zYchQPIn(`{2S@sGa<*`nu_y!IJ$2jH`? zGV(eQ`X5c|J4a4G@F$7#50@Elc{XV*$|TLH^j4!{Ug_%-7EOC(XYK%70qSpiQx&M; zzfHQ)MpQbUlkgW!s8RRU5V8>~aGT-P+62)?_c*0GFD0ki{oK>Kx{pFPd?+b}m?~CX z2KqIh49O>!YxYC%=|zeJO>1-R7sVTwcV7C07v&};;%QBeNQu$Jc~)F%FmFALF(H4X z8}$bH(&V0Wde^&YHxqq5*xbRMjer=_luDn4*k&iLU80uoJq3gcRMF!1Ng<(~iPT?mcG z0;k+W03EeR!b!%*=@nx;6emLSC!ZA(K}RqQ`w*1_L-};)XM*2rt`b^`%$lvp!wEh6 zl&Bs;Yb6+OO`5SR*Z!K0C=9;are?|5 z*xYq{+H;w|}_ zD&=(tkS)hA7)$@EwsoQVf{yh_4zA;-K6L^F>Kj12_*ZWrERbKPq=~8XbOb%rw;`x? zvLg_C#VInMTqT*~SMbrDgH(Y0C!K2Qj?goYr+;85_iiy&ugr8o>m`{`{MA?+N=F8u zfoEQPHN6G%RC$zGzv(W^@p>q})5Il;-ujwsK3>O}5#+#TgsOu=Ab%>4ljFa823J|e zlnLV{Ryi$b3D-eOi^4{+do_i}Q62(sS9=$La_R1q9Le}cVjfMXg$;8VGa$*FO_HWW>sf3I}=6?HOVrLh03)ak8k z^}JcdL8^>r$Ki#Xl;TtAZcJZi|H1&>r$d2au1yuFL-S25hFKW$= zE7nP7>nbo;QL2DdtzyzipoJje!~UnH)Vg0eSKx#v>odVFyl}f~ zy3Y2)=|aEN%X2}qRF_GmbSo<4k-yE)g;PuJ_Ft%1>@%n2sybP zuC#5n%WiMkE@mc;8e9w?0EkD?$yPHR?3D*@%BzIUBi+c8Koz)G@bcbw zHI@<=5xx6Q%@_H<*Q6gT@wUVUjc*U=%o0Wd9Y-cY;`@ZeHe6OEypJLjnj;h1SkE4V zW;+<5_NfoZO?DIoDQBDmqSWNcTDcfGW8?x!(Ljqd{=S;WT@v9wdMuqzF*>ARP+(Z^UH8S)yvZrHA9OR@QCb5|=*cza)=}A4(Fc|c`j7GFy{_AdlZ{7z- ztAt4saS&H&eq<;UAHyDbKPkOmT(yRgN&nHJ`$L&+w$a zy-KAWDCs%o_|!|r%mW=xb3F=b=x5* zb`qgx-$j<&6#4yh?!mf$&Ms#<#mlLq*ZFtH+S-kS=bk^(1z(Q?c#sFbW6EF6A}vTB zhz{=C$`^-+Mbe^>h4@hP((+HRpmN~yfq&r(!3U*lV&_O2i)&lUL}w~7|MUtW-joVGi=ml=xdhp!0DldpeR>fOH#6Fx2^Vt7em7@}nT$IphDn&i~vUSOo+C zb05!(=wZ5%Pzc$Bur%DDe>QoZJjJT=4T zXuk|%lVk7EosfeaNr6J~?fK@$)^UBge_MbM2`rezGC=8sYAT7K^mV))1=CMVQyK5O zt5>%{cx)$>#D4C)J8rq1Girq$!zxEJ4e!f(&KybHy*iHuS{hl z@qs^$ zA_0__5#G$@{An6zup+bB{a%xA)N`%^=Op%#Y)Mq_MklI&SiHaXR6)k4OO>E~y>KoR zsly=CbBpCg!}^DdhK=R$d@<%~NnvbS$JVRUvbDOaBa7h>?CGwK_7sK1Dkve;$75uR;di-GG?w8f^5-a}WjQ@IF zz6>xm0A*%KPx`Ecg0ekX#&2Q!g_a!bcN3Uca0GA|$tZG~vm|A{{ut=V`rP(*p4vE}W|Mc$oDymEUOO^Kn zL`t?Bt_M(0o5MlybM9zWv=9joe1{c*)gGblx(9FispYw2$bamdZhr!+I)I1viXgXu{=`}xP`VD9A6Y66Q>^A5=E{rdlNK^{V3hlJ?xS>9%7 zTi0n};fq_oEjC=e29qub;iuI)B<)1H;isYkrHyy)ZhO-f<`=};kUlU3L+F{I)==SR zO<^lluNIa@_)oe9$?uXcFTUO*%mZ2n`Mryn?_k5A3()?E(*HBGL;mn;I>jQ@AR848 z#j>Ggk*Zql+N1GP^m&c#*S(Coc`lAO(j@h!8a!WvTfV}=lMP=C^1P=M?ed6S;rjQZ zfE3XswDM?_d~RWH-r*Yk1fZxX zV}}P=x_L5Ck$|(kx$SX7csQG3{czJx5Ms18@ffjA*U2wG3#fG0V<8Xbf16TYV0H*e zDeU?=(cTt|^%oSE#wiL49{si{>yH+{HG|eWjXjinh~=V^oWj}^j`H$U^lZv0@QGWi zY-cOGS_UaxyZHzJVsj*bl3yI&ytmPh)&r>q^=ssm4$IA82>^(TRO9K&HGZmiR5E%X z4wZN&fx)r_n$FphwL)J28cr;QySHiQijS3O-asM0bc;CPK|p7U;E&wScmMXjY7t1G zG=}$NveA$O=yk5oipvy3vqr}V^QC*E-V!dD`bdZl?ztYb)j>r3sV9k+A;-SPmEte@ zv-u6Z=OETbrAw|STOr7c>|$tK9<Z*{E@MyTLDJn zv~S}wS{n;03cTGP{~qw>rZe$xEr1YTKI@652Av`Ae;aUEJlM$i{^p@tOc|J5vsVf2 zP5=oFS`5o>-McwP`m!c<>i4U$>h|~HTC|P7o)uy9Sf5xntj0Z4?Ce>7K}bEW4AGbz zF!H=QdBUN`5#pcr*hCS7O{*COmFCkQPV|jAx!G^w=4jk|-duXMRq@p(>+1t*P8N=2lLoWUqvPZa)n2l3oOWJO1^hM(~jd#5bpk-@F)u z2#9)t!4U+fhj4%xln~nYzFilW-61pi1v&LKKDukWJ^x;9kr@k0rTtbG>FuHJ@R(1w zEKuG)wBX50pg8^OUhKyH2NC@ucS&clyO(@+Q)(&#^Cu% zEE)ZU-fc0QQt)ujT>MuomnVe6;HBP-sq?2Ew#eYMs3Y<0F^c@5*Q^in(a)V}rnFz~ z(N?c6)fRekJHA^-u^+Mh z0qH17^08peZ=JayiSR@=^s-SE;Xw`DtLKjrZgfh?CBr{JI&1)%a;+$`#H(ul{ZLc+ z6TLDyOSDq}cIJ^OX$X^(PEY->1Di!WHU9Ja+lf4AO(8VyHw<5B983aEaD>nG1*JP1 z4O0YPWO^Ja^e;5ejNQw5B@U(>t}H#VyMf1#2p4`>>o}TeCV7&E?&ApA0lM*_HvDD2bjw%=b?U}i~R`d9prgCuKgPwFQ=jidF+!i zMOEgX5D5W@PYD?hyxc9PNlt+p@>Kc}Lfgu2fC?^hzeL8mizv82volY5$G$IbRhX_xold}Yo4pO)m(V52 z?MW;7JxjhytUnawaUUSH8p#WNPtlRuK!O}VR;$&4Q3ia{_c1~tiSG#zz>wY|uC`o~ zk_>Y*lAaD=C7{6*H2=E!a3EVMC0z)m=qo^v;bh^eKSvvMNo=R1Xqp&nswxb+ZZd*?jnM-vk zkvsv<%4O$ajSE%ezazLV#NHfAeCSnjLt|Y_@Z^muB7HpA3~4J~M}TPY6%Ul$PoBr$ z!>Q>GxSqBeT?JIr#MqCr{pLvquPenG>KIFOifGl!ygUUR`=G~CbFs({AVTZm-gqAn z!m{Ka;R2)2z_^9wrS*Q-oq4;PCpVNS`=}s1P7+7Ey6@m$@gz(aty1HA+jSJrFM22M zNjgq|BIjnY(u?~&RYUA5**y>6tx=zg3TJPSxjNn7_tUMwT7s2ZjWVU2p3PJ`jkA_5 zLzhLL^7=%LY8*l@^7HvoV6QkQaG#qnrPQjr`atP0nzI@E=spDus|=Eod~=9g)(yN< z1KsO9juxVytAhtOW%qwLbhC%x?s8SHOz$j0l-!o@xh)^|D(7T@ zNg?{5P&%r|o+1%$pM!v&$tKHgy0W{NHiP&3$SEN+SNae(F*^f=Z-<|s$&w{5J}OzY zj6%+hL8Fvbv2~60NTW8#=KRNCT0aNR7qcP^Zyp1u_;-27w^|lhS>1OW6xz>$7&|Hl z{!|x*T?{_GoYslj?9fvPrI1UX*^LxQ`J7n%h8QSu0I5uV!q*QpQ#5H&@*!`g%G>ke z`Dsmx9#lJBI?cZNBWm$dZ<*H(7!%0K3-?B0o7%WMqN7 zS!gl%WPLH2R@TfU7apd#9rL0vPTyrSpG#f(c8lLq?Q13t=x)Q*@+P^t7Ge2K#8HM- zuOla2sSDT!c_T&oU=TTf9P80qwyF?xl<@7)zmFW5ZqWoJI`#F=FKbq5555hg9G$n` z4r(lZd;ZbPFYM3A2o18Cy8BH<@2da#!nrjNR?;*FtU~hGeGzv_xN&FTm^9#hp)zHN z^kp-W)745;h3wvJevZLK#{Z@K^dq?5n$lg_55{Cp{r`RHd*H4`H(m$VJR?A{Z@T+> zb2|TiaGIla8LMGwU0hXN8UD)*R_@e|<+i#My!O4pxmm@iN{fx`qr2+55j;m@bVq@Q zE`}X)lh=hO;uqmi9VZD3yuY(RQ|VT-Jr+C9N@-ga;<_^|DIXOS5Q+Z3mmEB4HLzj^ zBD>7Tno#)qZrz$H$l?n37|FMsL3o^}IIc59O2_Ga=izn|D`)o858Y7i%V%Sw6^-l7 zlB%IZFdnhY7Tmc_pEe*jYd*L&UP(l2GK{TWmJMoif#W=okAUhv8W1A+sK7OiPhFuo z@ZT%%mjvhSD*{L16^d0rVk_l&{)3NFR>ta_y?7+6kiRnVZsl_M(?QbWbKf1*2tP8YKWS!^r^0UO5)Daht(tl>Prbf!4YBJX4!LpW)* zpO9t9%SdwGoBzJ)4-wfEqtC3UDE@`n56Xt)C}E|QA0pe2FKt85Ro!b7zl5Rrb|Si?L@NwUsRs=ssJ%rRyMryUBR6m*gS8thg)elSX0u8m;jv<|=AZ~}>8EFsxu zKj3(xg@Qr?(W$WU|1W-oA#AB%M`vV8SQ{V$vDYoQ7hBzJTBOsy`*U}mf`vXqh2(q7 z>TwO~$=|9!XU27ONR_Gg(s(z4;*z0I0W&lbVkU%w0GxrIG$ATkz`5w;(r9Cb$`5; z4U+&uu>d?pS_U)2*DEoUEFOEd z5fbzwsFF!JE%mVp%zu%142}W;!tFJwEHYp zUzJXM6N?RFaPenqU5nq*ia)#Xq8j~@b}|gDV29wpD9e65n5v+qm6$c6|MVX|1yu67 zR9~M7>rtT~=N-04*66!HbHi=YU<+vA}%>3JkC-F49NZh!s=-E(4WY+u`cd}gc2P_nl`TTKqPp~RrE zR+WVvxb45a8q67#MdCqUF;UhBNeYii|6RuPNAEv(M~kh0sM_ZrE27D0*=(KnQoG5B zUGH#n2mpg^ULE9Z0OSHua0$sl#bSw8Eicn$d!m#Vyz+ax^$s~DdR4MvJT8wDYQTKe zuf-ce)qWBfHC8iPtlFiN*8Fz=s3Az`B1)xfUt=Rfcv0k4J-(>?F!tnGJMgAm}Z z@sJA*SxH3_X)ud_sJPp8dpy2k((utb4n@zsf(Kl{$Sl#9doPF)($&7%RR2gEus_3o zN`z$&^ZaTBe~AZ2{{WHWx0@9hvzt}<$Cf7`wp{To#Um~)A0v#_~71Z63U|yGC zS+rcqMeIQ$euc7+#6_mdJR7n4{KkF~GU506z&8k!*peNOAt|uezjrgv{SwjVI)S=L!`@i?Xie3@{|;0;fz; z2&O8YZg&bv0*zj!kYp@*`tX-P%1?ecD3J0WuiFlMY;>BtzpEoI%C@UIC#be4dkPhD zZmfRJbW)ys89OGo2&jQazX4Nu3=Hn1;iX6(X;I!BP-acBU(lIvae6*PoVv=*HHh z)>DZruQQ#=i4Vlj4AAaV3c$FHymT_%j}%y@s(OoQQ897j99Mdut^deqo^S>sr|$)< zT%q|OM%~LwA!N#lF)*s2PVJ%1RC&&c7F+!uFyuOj#F!%oXxIe*ik$g}>yF_>I5HgT z%!ePKQ((-3ey&c^D>l8_g!R`0^7&g;r7S@b#=yS(nRPx&Z@JG(wpu-^DsE7!g>M;< zJPbUdJS9pn9!(-~(Rrc>iSw>2o+JO8e56}N7=#G60vSv_gQ{h{3$T4FWqsg@RMhQo7>S|i4L$l zd;_--SUMWoaNUB(il$CXoM~^=2V?TYm-&js|1qL%qL7{817kQE+xVo(t(bRN8S3?U zaLFq+T+Hpc;v_^lJSf<8?6C=8?cn_TqPK;DdIwNpQ9@IM3goH2Q6&=^d#tHBd5tG_ zRbYm_5F&8|y>Qyock>uw;C6GFKruvK>4}UV9eegA&K(zV(H!_u5)`lKqa4@20k`9 z!1+~}DV2jW?=|=SEMX5Cr3KnO>pzHm@zBZZ{w_B4As&?3%iyYpC3=UBY{~pU@!RF_ zk)az2v{@gdzWzGR_tr8+~$@g!#iL zoAnp)sDy|r@lUrVlRz*!XK?B#RICM+>MFn_A>bo{{ZFMLrWRpDW=hRFbDzE{a95`M z+0VOUdU|0DQLYYg`U8jgly_+xx;+J1r{)naMaC$iw1%+QKQSCj*Db(ysS_eYTYzQc zTFM;0(=DMj0b(*Z#ZNNE2n#T){l*?a+$Gs`YghMmU-nf%!OKPDUcO^;;Q4Ny)9OK) z(Nu&l%@AyPK_MQm>{Dra6uYOdK$^w1a=C8)tJ-Q!##B{oji^D3*GJdpAt|V9_?}2* zOH`>z@sKb7ghpb}u0BJ#wsEZ40+RAUA+C@5=`e<}-A}hJAANI0eAr*!SRxFOV|5G1 zj7QU;SY&v8B_bk8C2Trx$8?F0rWq4)!oi=au}Km+9(!>#g3XcOUb1vBol0<(4&u_E zrakfiYGDGGr49rC9X~A+Rk?B+AMrLi3mGt3AHFBOkHqxdnt9n9WQf>lQGW@v8v6x9 z5Id6;2u%Kcx-b+LKM)WRZ9dfEK7^#dJDaY2!Thtl4y4hbweaCW@gPDb+YjRZ-Aa70M38I9!PtM%}*O8?Z4L>km}vw_tOcmoHq(`JdW zF_Vl^P3Kq3`j=I|2O0Gy5s&`wZAXOuTPMUesjtx3h0gV-4db4#)$lLmVSD%;u5X(7 zw*gc#BJNLBdi8^zZoqW4;JMSZd6ELaF*_6fRU<)$vE{l8-!pY9;N_QQmf=|(7!(41I%*OlNMqo0m9JSm`@*Oh=)$)?e=<@So%9EW zqy>w5^Cho;^TR;u4RJ7mI%O;e`xC7BY4QR>0D&5R^J00~{}g9m(x{%-v8 zV_@)xTq-RLA{tKPONW_Cqrl>sh^H1RL|=n_dYC1nJK(pi1pNoP^(=9y z{YEoYC5}2!qCEkmB>xM`Fn&1Vdz^h7y9MjuCB3hH*==Gt!K2`2oq;_OD*A%j;q>=w z52fHC29f)B&vT~PKa5#)^@NRA_&vD1<(_*9$Ptk^9sB|BY3Vas;zc7SSuBApkx@o| zhWR7$P^~Yx71>j^v!kn=tZQ1K{~DJm;6%bOIg-Ca!R2IpiftTd?>)BDEWmt40Beed zKvze0KAQxy8aB&u&&;@;?@cT90_9?v<8!Wm6JB6(1e&o|{5k--76|98(i3n;nfq!} zqEq)-hRz;NZ~lMTBpB{Q9K0KN194K{-JMlC+Zj8TkXuS0z>1%5Tvt!TQDSmRym3>j$K9d%og2a z+h&q7kU`mFcfH7hqte zWdNb3UZLRgm$^Se4ew+Pujy{%?{T^HL6(X{&$FGm$-nC@5iAPyk*IR0^+aORu9X&r z5CF~bj#Cd2w#|Zbc>{^7Lnnc&7XL%tp{j5m!zA?0?NwyQ-j@aXEWh)#nFA3lAzGgw zlj*O(+&D0RB=+Ma&<~&!~~exCe10Qu(2=Y8p5zIpUA1RkM!K!~Q$p353t@t#;o zo2q!R5{>f2C(Mi#gYZYF+hd5tmC%Gq}w8)O|^`Z4KDatsG&F^OcIp$?L+~&i?&jGpedn2CtI5S*Njk5_TaC4IXVizzR{Ef$yS5Ca|ztP7jfYG-WyKM}D zaT<2`+T-9^wR6AaPE@mw4j6$jp*t;TE2!hv<7DmiBR}0*Lzrd_w97LJT{O$}d?r32 zVYMy_K6Px^JL*d3zGy%jk!Gj>%(>^hM9YT}$;$R6AW!A#i%|%;B?6sa{ug5Bkpsek zO8Jo1FA3_yo92ULZJ?Wl;>DNt2R#%jKkrY9-%hY$iK5FjN+P_JqShJ@B3?^~#FMW1 zKC!VuK@tb87c?I_{h12fZ7QoAIf!lgW=<8V2kfeuKHknGeluSU_xjrF-)U$gf6z)a z=7mbFjC$&~MAB;XN;+~dl7}?IIwH+uZ}DQ`;(P06b0PWZTMnc$#k6M%D38e*jf{-+ zZ+72P8$yUduvg0{x}DLK&sV~UB)B0OVu`AJzg}#V@Ysz@yr3yC5YR%6!+Z;1a|sEF z%NO6y$v`3ge|}Lc${$BWY(Z$MAzotHz5ObRHC4pm zG~iLJy9-L@QXVtOpZ-{BA2A;v4(TdycaJA!=U0 zQdzlfgwzBA#skTJ6SN0V<<2+0U^}8rI!f4B*2fp>FQ|8-34p)C2@XJpJq>--(=p~{ zNYJAtMjK2l-mh7#Q}&@p0G5lxQe;-5p;BcmX;3)h`{(C@!Lxg?IadmMvcH4}QouyI zTdk*t(`JYL9wsYHe^(lHE}B|rQ7f-N9Mtcgw(uRapG4C#FnHA!9td6Z*8q(&*>q|T zXYEA(&H@E&+4=6U12IJ%dmwvnZvE$2?$uizx&FGx4mi2$*bhK~2<g$h2d4dXE%nzQYCGubbHFX zb%5m${wbP)!%>8EuhT7A`n)vgQ*N$LhWX7S_{IbK52JZv*rOCjU5gRK3<6TX)h!qM z&7NK&w*yLRK!G;KN}9h60m~+6q1&cO9=A0;dyte*zi6M(^!|s zAYZULxK48Pcl4!oH>d+BK%`$<1xT#%WucpdkhNdAgZw#dbnAoI@?a5@{rKK{O%4?OVFDF26hr( zo}Db&cDlluXP*#5@kpiy^kLP?E^B}uY?|NL0r4e7G)-dpv{;ptCDarf$nONZVowa; zFi*by5qtSPBOj?BT98l}p%rPSaf-E&zCIDH-O$<^UHMbx$?6QF0G`*$9|Kn$~PicUmxAp|AJ^XRBE+;jQ zKN>vfSf_D1e)4{JFM{b1<>mp5-GB$u9m|Zq6fyXgb>K=o(WV4?elxl@pn{C3_}9=3 zA@k9qxVjb>T{Qg@lB`>UNpo1kRdl3;q8R|c9QjT&g_0}=6YqHbiEQR@55KWk zRiDHN0`lGQ2EcuU*${ZSPK@961g>q2I($Ld!NfmLc})@CRCzZN(Gsv|BuY{G>Cy)j z@oFM-SpE~$zfi{}CFQ5#U+gWE%yhd!^KX6gQZ8ysTlVsHAIVcKp^052VFsuxJDVDo zD(Ae^e?RB;&(7n%>Iluk-A5=9eutygWEyt6vMDl+5>3u4>w6zz0Jb+NGYb(Vk?@&ML z@XN?(oD{5#s)bT#Ldew+F=;<4I@n1!4R>Mi<1zsE@dFpII;b>`R-IG+?M{qeX&KoI zo7CHz3SWXewmNeXkQo{5Y-eh~x}xP1OhG7aIs6o;t~Wg#%^}R{!Xy6Y;2~l+xNOC< zIPid8B{*yvI5}01u=Moy%36S<&FQP^p~1xbv-6HVUFLty9UB|I{*Y3)F=bIhKxI14 zrMeZhUtbgpToduTnNx0HYep4^(&A(ffyz$x{q}gDyPXzI3jyWtY6Zd%EvH*^(;8W= zu~k%mjvYQZ4Ctae__|*^iU`bYxp}?^zY*Dp_I$U56VF5{R&1{tNs13}wZw(r{++rZ z4q)w-m$Q>{Tp+Tkij)Hji{tI-_V(L*EI-Dt?j{O+;6W4+U+kGRVt`2d)y7As{b7=d zj|DfKJlLXo&8{c^!V6Atc!=m*+3;OC=~$nct+g#0xBFXZjag@1cLUz+kM4`*n-D#3XQ+-&K!TA zvmZ+8k*N6CT4JH(VK>WTWKPQRXVL(i6kFb%sfqVD9Q&Y1DKSc^g_>WOe^nakIQv5~ z(p0%Vf_R~~^dIkvPYHxm^q7ncl9fN)N8jJ6A4oxRT%8y^kgmAfe6fH8QGz1HxmH(W z)`7NOv9&+cD#*y+9kd>^8YA%9jrUkL-~AIH4@E$={iYhP6d2mAQ<_34o;%SR5b%mm zRYv#IydvU?7fYP`_3PKwi|NPQf2|FhYo#v}Bo4&_yBVo)pUqgf+5@jotlK}_w0n?S zeS`K`_0@Z6H2Wr1n;R=hl>D_A&em_5$LiEzOmK1`3tI;08rIT4@{Ze zxEY7%1JgPlb%jq-Q4!-eC@^|cc->3FDxgW^^}hgG*&NvF!eO`8g$54rd8gnN31cAZ z(b3UyOp3wO!Fdc|3yJ#R@6i2`H}YJJGl*D`t+}I!Z z>9|UZ%Z~gP!vg3X6~>}j&WKYhFeholz#3RiPj_VlMf2%JUkRWzK^~JV1u~k#BQ;2W zwuf;KIN++YUZb;AoM1(A5q2!2$*f>8M`~UjPHF2o1Qpx_a$rl?f?FDBxB*m@P%dhn5;VCM;NX_$;$E#ApK> zMyEl}!cT7haVw%s;($L@nKGK1UlCvC@gAm1 zxv2JxO7s^lhuNA_eJ$Je^Lb$|hAr7PCE0*5BXf1Ue)3|z{trD>{siCePls>TJ0lU0 zP@_qObw6s=c)F(X+Us-jP0yMG#|-f$6uG1mAW_s*G~YFW*r3Vga`yoQDgt^T>d)=H z|0f!4N%(VTX@~(HQ$uV{3`H*>KehrF;1odq(cJ>aWcl|CE&kd+5l@s83Is0B(||f^ zMx5*bKAS^B+c##ZC%$OYSa9#C?1m#PFQ14daw#f&w}xlrX*9x(I|UmCX%IO=|85p;;Uf-2FX6pv09?FIWcUYfsOAG0lUdn;~d~QiXyb;Y>2q%u^@ey|KM3sI7)(!0h;?; zaJfM{JJNom)B!aO&C6s~1O3kjeWdol!1t2=#es$G_f6i-mT}X;xy)*@1AtBpi1G11 z8~7`H&b$8sxjZ-xZfBo&gVjgvu*I5}DPIj`vsB`rsWTfo0vG(F-x2^Uz08O}t@YKT z|L8b6oDLxe3_WI-gUq*hs9v9Kt+uTvSx+^z&k_BBGUQ-lj1_oUX5DjB336Qt;I$kX z5}=*43ZiN3KkNcl9Vkl3`cf%Fkjd*eO>zdnM5S|fDhZF(Q`PcRpOO4P*;;#3Yh$$< z$}wuw4xEU29Kdz$Lt^$=cOa)b3v+veRW|FgPrtJ5UuqLeD%y_2cjwy{ zc8We|HTrlC;*)SW<(YXOz3lyKQOfn$hPv5E(GkR~0jZL^wEffubb_q%I@GU}Q412J z5Voc+7lE5ZXx(mqqv{$eFzRt&JcX(`4l$3RKi~;=?l|=8-`>IeipR8C8tn$R&JAP|4YjBm`rBLmX>X^NDl z%5Ss)Ztz(pU)JvZ?6W`1*Aq(R1;K;~Ksm{^Tg%M~?e9@KGje~u|3{H9fN&l%m^`!` z&00GF(Wjz2ZPE;2B=GQEvG?!Jc3>M8!B#`5rD#Hr0;Itd($cYHKle*U(Tko`hmJ9a znkoY~8*IkLi7e}vuo<7gjrP@xS-TnsNF*iK%Ld%;<4L|Hh^FRW>j1h3rJnmN&Nm)! z05t1roUUSGrP(EJQxw6qE4=Lg2qOnrMOD>Iq@M~UW)Zn0o8nU7J^o1>dW}MTu%xoo zZJiiADpqJ#WL8Z4+0-B?5DbG13uoD`uwXa6k#Q$P?7xvW*|ZGlYwrW6%1t4OOu(O1 zS*uBVx_;-r*!V4|oue96(PRI)RWyG4zaa?|b_;dbpMNeR>V()776+lBPRvZ+IQcQC zUIIs)cAE{Mo#>O?%GW{P09G$61dqVi?6qVNS`gkryTSK#;WG8%&d;s+)0nigZnomk zQygho+4vaYTV>$c<0nS3N+aAhmku7+X%>0H@@N0rEinjL%%8ni>M@m@HZpa@&&RZ+ z{NBHn+t|l|rXpJiJE{c<_7NiYkKfn*IrR_)0AUFo`ls_dzN`>*KDQ|b zZo447t&$@JFu1n(^6k~hF=eUW#_)%Af-kVNH@!-!&={fnh99EOIR73?I9NBrF^sj; zLEZ~dk8KL2)>l^ivN~T*K|qjC2zQwh%GO%Qlhw~1?38Do0kjV8Ad9z{tu1AshrheA zhT@(`)oznGOmMdUj{l8ZGJy@z11kn-W#0Fa9iMdt>+=oBT!_btU@2s>IyyT3Ct1Rs zsTSCBpbb?l_o|Q8*vpWj=bcNNtODz+QRbp2^F66zrGR{gi-)(m!!rkWMPdPPt#TY^ zDsow3d7zIn0SWc7<*M-Q8Xl0ydhPJ+hmINWQ~9KbgK5)oAYXu&>0fmEAIAtC1ObJfZy9SdI2tyTs?{UGh4rDb36m=dV zE`tt0Kgbj-WzV63pdqi&A+aorziSCbhwaVP50pUt>undd)g^&^ zDDV9Upxn^W&~#a6{W~@%_%;k-b&M-Ruq?o>n>n;IH=$hjNL!MJ)&E5&O;KxtBqqBt zc{|)*{)b0};=J=6#HZN(+4E(|OG)!tKttmc4;B# zb)D|!HLR%9T=3BWNCBK~@_M&*Y|&+}rMq&Q`AV^aH2~CVPE2A01P&RPHlrkj^S%o% z`bTX|td9p{=(Aba1Q$;f$as6VOuPL%Z9@n?9|-95s6u0@@gz>_Kegd|1;z@YIFSOsc#sSn}IajIN9m+#(>qn$NFp^@1O3${>2jZF*5 z%g-Mu9T7=!k3+dg6{5ewyKLjooq~yyb z{~l?--LrSn9LfC7e)C7($dFfxHm0-jJ_A_z1`V+~)KA0M}Z!25zQ&vaKEb zSLQ`DfTRm~Y2aeB>P!rD3q_{&{Hx8od;;WhXdYZJ0^T+GBMrm2!vNbhtDf5{IEm=+ zyFE@h-uoo!dHHa2lEoJL))!W@3VdbuPi%hI?ZlR_zmko*g{f(tAiq_-;BEgCLYB_| zIqbubQOR9EoGW)Z9;T_c{Rk9|(i$k(0r%2ez$9yc9|uw)W}U-CPHxIYaHXQ?qH@6i zhQt4eE}XuQ+-1>Yht1t#Q;Nz8)z9$rDh5)u&?O4MRBtFb1#!THQ-5jsI05^KPv z6j9X_pqB#OCI8Sm=npvL{^9v!zpx)-Gt;6CRD*vNtWd4c7rL_S#e5^wk4HTRw`jUB z1l8>}bdcpxfr9?GB2e}97H}yHD3gGc!32kZ-lQ%xO|0;=PyN`Rl`s@D6fy-azP5ZyFdlg}Dako(frH=)XgGGDnfsuoh`o?4zhjumquJ5m2l zuK<_(N})!Szr{xLtu+lMe**6RC*1x2%&rdy@(#L)gC&}&w!s) zqV_ueJxPDM3dsP0?@jZP4B*kz70#_7_yTZ$EwH9xWc6}+Z6M*eKTigi5{LS!#kY87 z?2UhtWys*)gR&`8^RmdMd>%I$?srP~83mLmY2pT6gplSl8GSDQ}eM{n^&$NGZ4FV=c9MW5^{E>^8b${qD6k zr+#2pBk<&N=T9DMRVMLlHkB9VW@a(~g_qSHDr@Wv=>T#N5y6*SGekB*RNi~f-Ooz} zPY=7}J?@(B7y5@2(ThDd5M<5D*jIn`I|Nyo(^> z&~MvAKii&6U|(pGE4+NS^|LBLtwLXKeEg{+`2*k#z6Od)~1+W0df5==JZuy6380&n{cDErzqRA?u+ACg2w6+@F) zzLJt?BvS=Jo85&|G@&BfW(kBhv&Z%=)uF91Ie z4LUER+RV>+l(?WL{RB8(`wP~J>|)dVAy-DNUK315XBj97iRSV%0rbsi8sAe`ZVued}`q|Jq#SJa5&_cyFmh*45VqKY) z)j8SeOE;B9r}U48#tUI#nzTj_INCLKCAu#KZe>J6QZQ0pJ=&3N_Z7<1o(Ku94`%_F zy1_AMA_#0LZql_rm_a? zhWJEUs&AJn-!qzv$OKKu%&d+-vN9Ex{Hpvgpctac{$4YuW}zz1DcYU0E#5_4qkNH8 zGy5mz?zHM>wXg}j`8Jnz&zUL{k<2>zFUBBY=_N+}>6-G=k3YNXmnVt?`()h&&OY%^ zoTNYLQyL7O3FG!O^|P9;&)|^&a4=y+~ATQ;}oxIh6*p0*^p~egn8L(@N2k(z(-mUcWN@eo5BOi}A z_qf}Syqb(tcx<@Ip&KtLry(<5XWCfk&KDLPtrD<#8$49~Zi{pVb>(Iw>f@I+s&x{x z()a1Bb&L=1Y?T_{eZ1|ye`7loA1D<)&=`?odYdXXUM*>&yFR6_KLOv*c@mgtwBxh3 zMUorP!8)xIWQE34@F;Ma&~f)J7YM|hf+R7uQVWeOjc zhVDV zB2>?qj}v`%vqWR@d!p|s0`I?RU+x~x7(T$adEJh+^ocRH{f=Uf>UTGSGrog}WTH1; z4&qGu6wUgCPu}l}4>^#u3Dmaz{*hBR=+^dB(P&}wyFrgYqm+oAz6m87G3Cct2Q2_X#wlDk zT&Go+s?bfRW<^^c-F?!{l{f!LGy45UEl-l4_rd1?iI{%<{$5m2p zwA+oEZGJY0YyN0pIjH+_>y9$*>5)OqNOhDkH?SbIn(ukWY{x>N_(3UMkfmhWCO)J2 z!o)bG7|-irQcv-7PFu65i^@~S51~ZU5_dfVPr1GJzW^d83FGOz`P)1%#_QitnR&eM z9uMS&J;?@7x|_(>h~f&@Z2GWRDKmFx-(J;a@9S}vh`8O>MpC#|{3x|r8_6F^S;)gU zs(79I8I$DQm)gJpEksi}^w31Vw)?7hHeFu3#ahIADKV~AS_9u!a!hyT6<|BFXYo= z#TeAsMU*bp%7x5(eQ~iw?Sh135@c}@mB-o^S#(|IC>LzQy!!({u1IU+R@!0iPFN7S zcxl#OTGdJcuCIaj29%jo@DfZ{3o@!7AID6ovfd|%^zR4x0xh!hPaB&{fPPX#cbVe_ zKrR=f+U-tbrrMPcMB5zj-1-BA!zb@MZNC~U&#kbk>8bnu~}I6 zo9PQb+&$=Rc0`<_?0$dljK`@q%AwarllARdM=_lrxzsr|i9d>UkYRhV(W0GJzm56s z@O%7EwsNj~#&3^*G}5LgKm!L6y$IRK>ujc^Lmurvd9*#H=5$Sdy|uoTC0)myH2Jnt zcrlPM_UVn-%J6&4?fI%YmxEcw0V4hP2W$0vH>O0rT)5jaD_9}nv2Whhm(wv=>s98e zruEp;W-vZ{65T&Nm{ah)*e&IL#w(l6O?EPx5kOB&}ImF;kc!PRnt1 zkSC(z#k)w=n2A>-wzvEEI%=%?)fxol&0cPfN^9wNu**E&uOU%$V%O>FUq^}q6O3_@ z$P*g^ie-@wTYOJKBisSb2mX0kzbv0k7u)pDm5fq&AF>z%ka71oLL*evl2Sn%H-=SY^q8VT#&I&Y^ zko=WVf}EfG`mV`o`H)L5!|rExwBT(AWTwI6i}&da=y|Yp$^5qlkXjleXY za8USGYMNQe+XHieDt>W6)MZ>H(8=oC>^FzTmh8K&9||OW*XrMYy@-7C^&)AC^7)Rr zUt^j6Yrb_FG}MtMkKwnm#R{Uy_5SN<2RXxpf+Ew!t?1BXK} zX4Z#f?2Pp+sIHfrw_j@hZrH#ss1t3vIGE5Y!<;fwRIM>ruS2(<_*{%h_CxBK?F<_l zYIMI0Mj5^N;n=GJI7-*+O5Jx1-?pFBrrBM9WP) z?VsSNLo#X>vGFk-nozVX@$-4goJaKLSpx?y`bL}2dsA$DgQmL5(MQX}GbdVi&N%q< zz1HJR*&y#r8U0E{T-x-XCk@A`j0N2R0fFcQpgWE?3tfGEb5v# z&Bjdl8IRt$$*{@mXL`D{0O@z6a&_0!=Z<(HEtRS{7n%#hNiNK4x@HELDzPJ&1KIl! zbOpK#e%7%KpE}*7Wy@2pr6aO5C`9=n{Yvg^f#m0xWo zx}SC|uoxHk?DgG0WArnG#Xpf!^c+ApRwJk`Bv~V0aFD*FdhV$*(7W-CRF+Nak<&20 z$2NK5!BZ6^jSr823%F)k$H8_n45FW$Z5*Yg2fvn7&O#d(bG=Yoi3YE`r4*&79t|f~ z_kjmjn_?Rukxji;*ZZ zeF4x+?PDj*JkmVEn@gI2@rmnAgi;%wXZEZyN|d=`>(&|-D4JU=zuk#Q$q!DLy%(SJ z<&+A#Zlts7*2?1kGS+B)YgPwb&T%ImS=e+YDv{rKNi^4cVZC>4dwjOSYiUx8NjWOF zPbDB7_6bWQtx!Y4W7294Ui#z?<|icFy!6CzrqrpQy?hH$RwdJ|r4Lz0u2igN?Rq-6 zt2817%I9O>(ayaJZJ#O@s@|og$^|ZsXMA9$H#w45ZpX7Y0cDOWiV8G zjB?g4mjtV=mDjGc3|7QHXl%w{#d#rPsun~Z=u`>O5S-4bd>m+oOkjrY)zrV+#muSD z{6y57Usa;~=eYdGX^v!2J}f+V0s&X$$@|l!oWT7lb#vxuvAQ<`{vkK#Pf-ZE|BX;yt=mUC&>t~G64e4ji2TKkl>NPWkl-Vr2>BIaS` zsdRD0Xnq z9j^byE6IsLHgFN~xE}Mbj@OLm7G|uWc({CWnl_`QZv>XV^COgu1sc*x20L$sM_sp= zBT6wB(Xz_)D03~=+VW{+HZyBW1wRuBMn7L?k#T|qZ7XA!a>%FA4r$n`Xnr!$`X-D{ z6Yi=RNYnFdZ`N6v!0w!G0FBuu@~XypgqrR~#~(j$2RW;FlvSJgDfvnox+QN571I7z z4k4m9%qsYBFWxnD?={BVjKP3PFO_x_=35u3Eg$z5m!KP6@R|y}uDZ+y>!l|hWcTA| ze_Xz{653c|`!FZjYV5i9)gwq+Q+lmBWI>2N|!Wbj9OvsN>m z+`GO5{bWL@&#Rc<6|($nq$6EtN1E*q456Fm+*h4Ave}xUpR^60}_s#e#O(}GJr-o=vM~n#NxvJjR9Nb@BGmIDeu#j*UebLF$K$&qyOFQyCFL`*) zlDV0c0oG0{)nK+F*{b#!(of^ErVeFh^)|)BE{zY5N_qo1d|r5~g~d|yDr%eAW1(E( zsWvS8lyGd#y*3XATzuPBP-52FPa~u8U#Biy9GVz8__yQC3 z4H;8MDE?6Y@l{`>fmB037-WBX=v(==G?OhMrfH3ey)PIK_nh{|ZC|)(P3h^d`%m_r z_4%XvvXBl6oQ{a@=N^tx6}q>TN9sRjn`!%|Qw*}GDSj>5t?p1PMS~88FD}s+s$O?{ zN?!*Y5kxq!etp`e54i?(L8_5Hb}!IS7@p=v(IqBwnlrW--quqks@wI{JRyfA<+HdY zq@fIyvz-pfytZ@BAKl9qO3dODNqvO8mfdoFZZXc*CbU?!uk1}`%}QS` z=+%ayrZXX$t%CMTmhbhsw|$Fs%UJ{x(o&rLFJng>LY>HyrzEtLVL=`k$wQ|X=Hf?h zS$xI{>Y;P zzXXvo2;Vd{G(^Vp0M$`CAUXViq{Ti)hzDiL?{ziSoDA)_ZOl>5?-$Y$B+N}whGXM9 zPf}qi}(Xl1@@FF zl}ndvw^I-bY9^+VMQ{EO?|nFs!v1`XK)vsv(EU-2cD*MRs~IgAQ${|XuCLQ>xq9b=?x21x>|rR& z+Ie3y+L~>Y7>7hEyuJWM-B~z{y+@PIL1*L#=|@Qz6=t^HWw4_&`>#B0+}*}Lkri6g z)kl*f6>-kb$qXoH(J#`zOzAf41ovpCBdGf``QpWbQVgFTJ`N=-kJachO+7Nxd6J2^ zns7TJB7)GUqL(C&`^-hk&^wlIF|#;f!z-s{bQZ=gRr70nC3PVowm);)Y}Iv#s7%Td z8F(N~ne5m5hby9pA0Swjl@1K@S)~y-fQ}=Xu2QWC#i&=b1~4pTNu#eHY)P^F)0`>O zcw}E;?y%IBXM?^rVC_4VytpV>xr|2!(W6f(s~cH$Dxr+gd%W^9Z4%}@QN%5EwEUp> zDGHqrEw`k8??8*cA4#yfeYi ziMu$7tS8AGha5F{>liKD9wLCDtL~B4RZPRIY2o3BUYGg8;0N2lDoR%>%{pE zuL1WE!ccp^!(iMxHD(48ew7fcttSVodPZ4SgaXvc!2&IL@S|MbQrE_s7Ku-^i93(?^oA0(~=L_bQXK^J5vd)|ww7ZtDs1xokS( zydXHcw@j0m5$EG8M|t}D{!_m7k8j~e(ORjUVXLSnMsyt+N#HS2R_T_LUqtS-zD|qC zfoI&Yp0<$$wf8@fTbQ#I&D}n~K}}HW*KWGnMWFs#6;S`ORzfKBS!S=7%Sw;7X=@4X zDraWdE7qdO$XGudrL6c}DJ2!QNqylZ6>v3{WVc zlv<{2lLJ9KOG-^8x=ip2!;+tl?|Ckh3RzpfX+IH%L1D>x`%TQjOBt%-1U*+glWs@* z@7w2%&M7~Fqt{YH-`E6s6PFD0|~Q(bU!OBU%`__iuZjbj(s zk8JY{vh1`5+SrLWXq&csBqwK4GZeXDn-g98j$jN9EM#wXllyl)*#k;svL{?UP@FsU zFK%p_8a#O!1-z6?Xz`*hVx(MoUwS(~y}_+AnH~)eO-70QSO;-@$xcI07&gV&;Fptd zf{YgSxT$zlr^q0yd{)Hb=wlumza#l*vnX$8>e(p9Ing$wjXu zyFw2T%W${Q-#ns~_wB{g54`IxRd}D>F=2cp;(Om>+<#<@sH-W{^>DqUAA2DG5%X9` zhs#|(y6H8?5^8VebF?d|9eG@k#_=ov5%P(;3FGLrR{mszZeyfPNTOKaFX2VRV>-M` zRd$u~s+d}lqXB+P-B4noPgy!71|gCMl3F<%QulGG8zB7Ei8ybwYRF)_e7_pXmxIMJ zq0&HsVmaC+RUeU2_WG#c1L0Lm*RI=**QQrAu%2Mz-s&27@=8*wqj&m~N$LrDCr{h` z_U44{D$54+S=+{L@uvs&-(BFW2g5D`Dm48Wi#}BuUDJeo zO}`piV@X}`I~?%#*e^!oK1)M26K$tFMjQUsxH8-oCWygCse(Ncz=iu;MeT8d1?xScuWg1JMYNJ9R~WCB&(uT{@Wu1Uz3pX(N;9oBPmL9y7tQf{Jg@&f|B`K6sK^L zm660@O#i`1nSJdHXJs^>cud2ON}UR}*t&!v9W>$S*9Q+bkJ7>tt8cK##e1`0O(4?8 ze3df>-aGV$^9m>(=?F{yXfM#p9CV+G1b6Ba(JYQ5mO4dCU7tBVL6uEFaW$$tYimKT z@iKo$`n)vD`{1jTnxk&D_o}UH%1|bGLQ!Rdu=}fw5w0ZP-uUd5qHvbQ_mkFNioCj4 z9p+x=vU~-|ypZ*IMIh3&`8anChjl4mg$`zONp~ zObZ9BuROcjqcWKEGNUhgt9<=%9dnV0@NLFi>dIpI)~42(GJeON9s8DKdbfn#`=Vb? zm0`%*-uE+Xgv8LZXVmKlT@eK&(BR>Sm*e<-hOBNz6N&qP>>@-NEl0pv&{#$2sGr{l z#Y$50VqL+3iQ?&7f58(8fmQ@Ser#;5-1tOibLUyNegQ@1EqZ=^iJ;r6S+V#jsDS-& zP0#k6vL)=@6fu$g%1>&Qyf*oN@L1t>0qT; zDaA@6jH;RGMLqm7`hy}mC`oiHa|}IhK=qY0kmzNjbr4p>=sh}f9o9_M>gm;_%Fygs z019HTD|H`_WKE?Hh2^w`4KlAb+}lz;920p&m%zfLwcp%b+*)Sm(cNN0ZetvrCoQ7Pnvm;ryObTI49 zlqc_3Q**|#*o4(^x~9D__XvQjd3U%*ORpyc0e&g>f(G7KO`Aw zakK{+R(9=qUH<*2(}bi`6|7(rLy|%?$^RZE%8ZAxZv77O1@6M+AtEhr;2*(^j3=^($ z(~2XiLImEKOie{fljKwoMl9@q7IsTmcsaGkVSU^}VutQURA|`Gbj73_B(3fEKCxcL z%Zh{>)BgR(5ahOs5{K+_T0`)>8MD5IMMGtEsURVA4*ksYJV_r8I^`q7^_px;C>D~` zjGgo6zrUlgKpurF-lLE=%Mm1R4_x$q`18N0HNyk29vOys0f&#C@Fogi@j%%}7nLh; z)66Ls?}Qoqm==qF`rF%b4=jEr!WHF5|MH~#;HQ7WJHK6a?A$L8OklmeLDG$q|9Sa+ zbpNdvmEXeg9MH6zscfnA21_9(G*4!nsRWSRKYZyiiAU_D&5-AmiF9q-vVD*IKCkK+@7G%ZfJwd~Qjc&_ymB-xEQod;k~6HBGmvTOzH8 z>DHz3lt7-Y!}!HTnH0Ei(RK37xeIF1wRhiPb+uzK?L@@uqe~WLA&aN{BVk0#9^H;- zT;(5r^BBfNTL&`nJmhSBWQC(_<2$ACw_pXFkl>1)Me>lu5}!Su_s)lNH6SW2FZu4! znva&2o}`aXx*_K&Q>_>RhCsm)u<^CvnC0h;U>RS}V1eg39bfCn4kQk-@ijlacjse# zjjyz--J93=3cZ7wN@+1|6S9c%k?KxBeJBAFJ5CZyx^Obd z_!JDz%!w}3$;pQGCL5hmny}^A#Hl15@yuvd4Eh#$#ldcup%CYI0svC zY*;=OAI4{4e54Ktu1R7kH91XVYS7i812PfyLU7fUutcejEN+odR+%=L=df;OZeyD9 z<_LPq)V8NFnO?eb0|+NGefNB(s9ZE|)Ij@%iU$QXgJiGUxKkAm9?N%%&*x=W(ol)# z^Xb}-bjBnbfGtx)b2HTnzDN4sZAwO#W|bll$LsMrbQ$C`!i+Vno5~UutvyhrSa>bE z1*J;5tlfBf-8^PH$SB^2OQmsHICv^JBry299#-Y~%!X>=Jyu{Ub-V+#&|@~WAAa`< z&GbdADf_-cfOKX>qe~XE0BNUb$3gLhtn7sCj3>jCnrTol^J}fex?*Fa)NS=^)WNjk zj8{h4cLi=SbQ7iQW2Pd;A*vW1?S78<)P#c&96q?O1}Y|bu9lV_9mOV=MB#YAOis+C zv;r1pweakcv?i&^K>oYYR%Q)k(B(9^w4Db@6AfI62QA@fJ$DaW6yxFg%Xo45#gq3+ z`OicJe73iMWMW!xx+F8T{C!xsV7wW+5?2DLPSTX_dW`48HZ#!x35ww$+FG@2f^3U3 zl&tl{u%s~cY(q(YC$5ao!_1H*lDSqvi(k4&9!H<*0}A;Qj*XN}BvVd7PVrr$u%TSy zJ9p&hDJ9CYH@oB?h)Fl z2dcEVl=DzO|Ri zR*$aj5frtrtlzv-E?>NYI6X}@t4+`DouqT8ROohnU1SAQVHSJHo{Q=S%XCfVaqRjhh88V~ncN1xBZB8PFbyERl zaRdilEEwa0#1UgFtU#J*9yfl>y_%_w$1&p#C&0;AZ9fl!?ZNwp%R>`KLK#a(KwxAY zgH;GE!Q6p3abpglrx>6Jr+Q%Rs=cLSn`Bjrs!>PWSfg zZ`@8r1i7l6U5Ygcg)UH{8zJ~Ql^I^Q2^8aQcyG2K{W~*2(N%(HJ9YB{x7_pcs++2i zhoa-rUbdBe-W0L5x^-!<#1HEYnUa0m^q*!1yovV>Q6-TLMjSJ&cjw)3Cc~p3fkZPT}#iY9#U8txG#4d$^DN-vU;uoS!hD zIma+Z);aQz*Yc9F*_C^5_kJHe+sngg!Pgw`VOQKIzvq0fop#!%Az%pPKp^{FFOKn* zZ?RK6$2$_YHog|)_zFvM8(*C#v1p$*z7`F?oM#*H;~)ZA$xKodjue)R5y90vk_Fu{ z$zm*tx$iF1l~THlFtsRZ3WdMTUQgJza>?AUIEzyiO?U0#+*+J+^^W}mSSiRe(u~O(R zz!b+!f6kz)AI|tvl?qPwoK-t2(Q&aARY`E_3)Ckkg^>vA%9sVb7g{mVb>?+sJYzeV zrkLjNG`%C)^%umSAeqGpCR5cjBMB$1jGx5R!Yo|vXCQ47Fm!Wp6dSHycWB#ESI3?E zVSP;+H&izit_CoD@;_evSQ<5`t=M0LMbREugs@*uVpX;pR<<)?mBkEDw5VeF02oGB zsGt*en!Yn|EYtHkq!0U&?q-~bb7j7)7h+Cpi^hnZv}f-DwOk1jTx$#(tXf?o*;CSH5L&`@8oM~kP)tWST`*PV_?bT)a}|6n17iSsTl(M z(lQZ_fl68vE4n^brK|yo&2fZrR4&4Osu9R-rm82F%nX@@fMO)S{`uM`DzBI!kN0*6 z{X)DPnNFgJ0nAB)5*HRen=P6*fpy{q&4h?(Xc{w)Bp#1tRzte|P?mCGpds9W*bfY# zO+tuQIf!;L&JYz9x&+aBPpwq&+mXB6N4ZxQ{lc-ZEEhh%bZH$sY9K6E_hP~4l#VC< z!vuYfe&;*Z0q-O+_bjooF>p!mCXE}`Q>#`!NB)$(d}kX%w#IjErvbprdVhOjZ{H08 zUkDWE_{s%OXNN11FPC}^*|s| zC`lBwoEXu)glSJ*ggaCyOw^oxYzXVjMAnSfu;7_6ewexu5q+kX{_x|uav4ew>*i#h z?O`39Wpv-VP$q$_9RW}I_hhXA0Syyjl`WT2+US_n) z+4HQs8r;@$u9CCu`6+Dc8IU`UQq14SL1KOJZq=<`aD{9Ll&3drEHd~e;)MRpymj@DcZ(#%i47W5^R9R{4{ zvz1qg#5-3L@q==<%{hMSmW|S{Uq9z(Kt6rSKHSTBSnu$;XCaoK&YZ77ULD!TXP@60 znEo0F2fUO@-qKZsa*49=8Z1Pp`13uYyt+v%D~*7TjzDKP`&b9xuj}YLW=Xtn+)%Yv zAV#!$`S9Z})Cb$KOr)G3iO5MS)B0=FB-?gLFToZgW~U z`o|$d9XaQgiL4|0-Q_2*!)Jg+xAW!lsGIGeYgk8QPNT(8ZbSevuV1^mp05`Qp?`?U zdBh{53%6(Cc8J|*5UOeOL5R9+2^c}SE6&B$(zWU>_FV<_=_?kQ1 z{u*BkH_OevO{ID(6@>u^(#(kyV}qnYp=C)=PeXRDG)&}>ZWX7SG8ZCrcjtq9UV^X0HYG}d!rEs8f*chwjjB(&O&E|@Dix!P#T=~Ij(W9i319-uz$@OTizE*_w6ysiy zc(UR`z)=_-rLj11VfRuYaw$dG&wg<>pp@3dccnjMABlv$35SsZ%|%{hz`ct-OeC>EUcSEkh}0Wr=V`enc^Qy1z2*nXx3O`q#f4|E*F#JKx#G=dh{O(+o1D)R>vpV6_}$;dwc1W% z$z_@5@9US;^@tS%(~cT30I^-#YCJ1{w}mU6H4%KfCSvihKBw>a*}7FTjnQ)&E}Z@* z3{~!ebYk#tTICgI-|^n)TH6D$*_`|JH?Ab0S#ruh{$?yJ20RZ~-B4(F?Lb}M-&hsL z^{C|0eK-u3aDgbqnzD~FFemPuM^OIpFHrK2mc}`swLsjbUDFTz?kkuaMPwo#wi}*QPT6BNdi%YuE3U!-!MDVBG#LjAhZPc~fcG zvay%DA{8CRra6JwP>d0C6~VjndM*mnCJs1^;n4*#E@~sYoIkH!nD+Sl9NrH};dTg` z91z)u22&2?CWE-GdbO$`g{t}cwp`bv?8E()gu;3!w-|ri?47P3==%-y_5FcQabANm zh;iVyBgPNixBb3=gX>p@dtE!kIBN>)IcA0PEObXdeDs7`?a@8lpNk!oe{~@D7{HqE zX{gCRPaN&LA>eNWY<%@MqOR-RY5em?jd!|!pvS*JU*8}26z4T;eDxpN-ZKaPUANR; zi2~Z?DpLHnz!x3=hg{(cOBXs$9{pXYOy;)w>D1$_g0c<%F6^(|V$Jxwp3-tXW|#Z? zi*Mu@(h`#Za^i{LmC};43v%18hw>kES8hGVXNZA^&tJR*x5dr~h#RffPEo>X8-nTX z*4RVNpy|FIFX?eXr|z8fINLps)e3On5hzthj-8a@L;Go_xlmJnO!m2Y+TZ`u0)x-( z?ax%vYT~m>E3`XVG0}yYagcI-nTk-o>sjG=6@mj+A#maN!XyFn7cSGRf^@SEg#6>P zL~^IsUGdT#Sq$mo$3hp#)oV8+iNSu2z2)?aBhT_H=bYnndsZF!H){9*P1+D@@~;rx zZl@Rm`9{FT*L*`&paX4uEf8F#@?aZZ{o8Fu{N%us6LgXkfglPf_;12ZB)34AY(}62 z7_VJY6Lq>GFvbK^e4jz8Z+}_;C^vv>(}y`88Gx8+Dd$9#eaMvT+mX$N6Jzf8(ESNZ zp$ngrMvdyJg#_aa<*d8V7cQkIQc)nz`}ZGl;S9F}{>T1~V4!aNrkeoq=XWZrbpPRZ zT^Yx5EMW*<#s6H-D~`v78Bp7^-;$8FcrP+J)rD&$1Eur5VJs8YpLqGIUX%U9SSP$5 z1Auv;au8J&sF(K9O z#2|38&t-AQIBBk)c2ISFx`<)AsCaMp$1grh?EgCvB>t!;uWRhtb3hXCUNCl>%B{Q( zEZ}x#p=A7l)-9Xd7H5a=4N0N(8+PHDJ*&^NKcIEVUB*qSAe}n4)=W<&wNO$(xB_-K zpIH*!Tet2(jK0&5C6rm%2u_T6MMZ@3tMfa{hPh@fzibSTUU$LE!q z40%1L@L9fufatsS>{sjH#u$V6Y$qT#*KS%m!s>^0JM}P00%LS>&cW;D+)kOyHn{6R zRVx3qO}ERxi>Q+ z;>QEi3@CxSF`-(%a)Vq>O!C-M^sk({Rf>z1yYKEI@ra{AvcR)&;<#q*7TLIYrv_B@ z+*j1^R03$G&7jhZc~jV|T?K6i>t*`$FBdFD!0f{Tsh5-99a!a@G;zdjL6(oeGURh) zwn;=^>O{PtH{j#=4d|=GM^DPo!F@D6y^q5~d^cCT&$x*Yk}eGBdlyo2-+fnS4JdvF z>7{3U{xvLeuFBAR@0N}oTBz#+Qy+h`WUcmJue&;_-!=(SzJqJmBj7pQx00`=di0@- zOk|2_5=&h4zIf>}j!$$S!%0?)<_)D^-|mQCQ$wwQ)~w&InKj}&wUR!_ZdVZ*kly z;GIqM>upi?Rg8(2u3g$oPdp369r~-gkPunBZilQ!3U()Ow0ma}zfcA-h522Gv(vqM zM~R9oUXqq6+?TIhugY{0Zzb2$w`|)ZeS3G)!~~RuEWBs-=ch9lAYHqQh|TrnB5Xtz zvKa&bv!um$YExpQS`lu+kEfQ?fX?SGTy$TP@-GI@{Ln#n!!@g!5-x|1oRH6Ef1|Pf z1`p^dZCW)^@?^)Z{jzlBMr259DV>ldjdKH%L8s4Nko6n4%gHkrykrom8K!IJxJKfK zWDqSNuYeGDh#k6twQtWv5?vuzE6YV>@mmF1#>5qOb?YEKdvwx_eRN6t>YG(?QM)XY z9~gna>s9r7N!OBb>`@K6o{^sECI8Nxy{Pva9bLgK@7*_UUkm|5;5Gzoe7y}4zihDa z)h{px`9*Ae^>+t_{|d$57Y&B%9X)y!!IJCc-4rMunutkVdlhtcB%lb{*-Dxa+U8A7;StlpJTy^H^Hz&R< zB+?cxT8VVVr`3v~px4dM@mwWky5uUzpu^yO?p0HdlSzI=(;~=YTPS=b?sV;Pg7NY< z-3-p1zku6wS@e)xdG_)9H5e)Tg9;+amln+$%G9SPsuF$)#d!6>=1xN|h?g#QTQ8 z9ioF=K-%Tn$Uqbo6(K2j2Y>M5V^RTqavBN@ttGBP$vJZ5luQ8eQwQm%+5Xlo8c7eh zQZ#8;S5|4yvms~r=)S?#(C}b%XXi#548{n$A6vV z+1mA6WcIuz`rZUW_VHOc1Q!*ifNuy)9pansE!_iGuHNi^miz)j_C+X*D0k@|LwUrM z?(V+KQBe#OS@vIHitByIl#J|5Vyt5~EPdwAU*dALD$GUmaSk(=C0`Puf0{IQWwYe_n}B)6arA{gzj)@WBXi!9 zkBmhoy@r~0zCnYU*ayoaocrBrlXZ-~bSX)*vYkAARxX@Rl!vf*Lb(|h7OtcerFt8UwF2>1hmf{w2ogVwAo#_<)pg^jQN z=xJDK+W6`pAPaaE8(#xEzM92P_5;aP=k*(R=mgEN4uQ2bR=Q{gO=W=Ti80Be*)Ib7JP4qZ2di<~9~*yYsyqW?q}O?3Qj&NUKM=(tsa0bR4cKM`5{e%dLbfhCG)O zE-GkF9WM73mn)j*q+WR(D#a+d)y;b#p|xtwCaGV)wwh`?1dX2L=YNO;C&N_6IT`dU z(U>rD(#ZN#a7=n?1_D)*bc%-360WPA$q3YY9cJjUvC*0#h34lsvu;3nyRHhH=k?0t zoXwkeYg%Xr!!#(Gd-oiaaO`smG2kj?B!~s}WolZQu8cEI0+n^{XWDlviZ`+1S}`uh ztt65d%*4LT^y}L9&Nag^Nj`M=gmjH>kBPOn6_;~NS^MOB!+s!n!~UK3)pE6*sfOQ4 zSCgf4yOv7ge2MK#mTy4+y0QZe8PH2z@@9Pgm2AX2(!6OydG4tRLWOB7+_*NPk6rKL zoe?DgSG95_kULSbboqMubk^6}ca^JD#z4Yy+9HC_u313fn#XE7~P1#3zbnD)@ zz2LG>WFK7gy1?R*L27XU5O&9PTW*AlyAB*j$>zvDw$mjOZ?(xScX2GWThII8cM?py zU|G?maRXRZv{JX5TX*CCZ)`h>A8#i`7h%Z^i`>uP=OjdlBbDVySR+ZfES1xgL6IOT zDJLoWFajunN&=0FzEgN_mo6sCfdfaSEi6lz@rm!=&Yk;R?uyQV_*4=a^$;swhw_<4 z>qcE1H%P9sT@h5^vx!Y6B;a*S+sbK z5=0!^q9UVo+@)Mxv}6tD2UX<$vG+<}SPTst+*=kbTp6wSPa)GTf z79(wZwehtm&uy@tYvXItd&Y>LYz#S}y_|SOtq{104;LriO&itISR$MhAAo{?`pkKW zjf+NRp~g}fiY#NtP&Tg(EL3X z?lW91egBhr8pq|~2S&mQqo!iQxCkc@uVNLfhz>#7a0(Tp^o%s;r+%{TbPzQ$*~Aaq z!C;u2#Kxfx(sCHPoZh^VC8y4uQ{{Zvpx%o29z5HL zblZZ0Nu`t)3tX`}0Mc;Ts?E|H?q7^4;VAdM;Gklh2zRn%yf*{x>8=(%tJiJQ*ccb_ zUNE-L@Iig>J|!aqSc0~JtJqXz*{^g5;<+THy1_lEdzTI}YxcLksx8I)A^YHxN!(c| z`yybe*0^CE1aYm!#~+I8NqzTd5!e*&xZwZ*KmbWZK~x&DuPWpmV|N`qbV4rS+iB7=3a@0&JpSu^mx+YeIwJQQLQ zi7jBUQyFC4CCJtT2aYLm(ij#*HENJVFDE37FCqpCWus?NnS3=xE+XqvZkBnT$NJ+t zU|qp%aUy&l-hOWuGAOl?F(U@J z$rh5P>o@I?&4?xAd2L#q(DIJYuT#=NFtAPsdy?(a$ zK2!NAoU2gIW#AbYHT)hW^XL-Dc?Vs-NIZ^0pVMM#FP^oOlytmvF6$kpq9;MftcXjN zZF z6dPZ?K{VpW6Aw(3ox(|QPx!(=jukf+uA=STcUb=W@9$tT)nD!#bFT_>norY3V&US| zGU@(dI;kf?L(=F9l#>rW`BJtbu(79~{0)o*91NVItEkz(Ia#L#%BUfIWyG+)l9rwh z)9P6H7_MN;5eMKqQy&&uLeM>hCN|N!;NSLIG40{lrU5E5F%vjrxyUw*w(-2j@xT)j%wO7aK@9$J2^TDw&zx{L`zLZ<`L zOLL;Se$!4(ci*pfSLuSFqJR76`%3;e7CyPniV@dWi(-m?8b4~FDmp7b95n$+*BJ3! zn4~O4ZY$CnfAH}}x(pzKe@sShRGVK2sw>G%~Km0>rXlo8JCljw;|&p1dE= z&~dmLEtV4}&bk$By*~PuRwcB^AW;;KcaqOhs1{FUo_)}zQ)_iqp>-Ss%+f0HkAHnr zhTYp+9zrY-l078Jz6Ck<*{p>!3K$OpaZ7R{0`WzN+s8BJ%i7JmyyKHl_OXxg%D}iq zNd=XE*}zf;kc55ek#TYzvML%ugug+YoLO@g$up1Nrvx!wo9K@6+3c^?N|WuOg3Y?= z!gmP@?z6kLc*rpZXr_x{Pgr|=y=av# z8q|WD59L{H$fowN;@J$PJslPyO&Zme-pFM4${RCeF)iiX@&|X5Lj>g{NonOta%tU$ z?YbaQ3nU%gvmTu^TI$rPj=ERl6T#9E1CFH{tWzkb>4L}pq}54J^vi$!Wje^AV_xq{ zehCS^a2ffB1n69lJtR5rf&1#ue*7#JEVc@jft48JXnEQb^6&dEK8j~}r_5cj3|-Dn z%$70yj{o_danXX7Uz(jQpZM_|prz%Ifp^P86NXD)xR=exm`hUeJ;>z#h<*0rbCV!@ z52HDV3r)SLkT4G>*Lu-TYzVN90^7~NX-tyOzgUFT*X@WaQ%fg?REoLE$3SOvks+Be29x|3r#vjb z|L-^C99FpS1x;O8{=@-SS`zF>W+qzO(4~N@ z{_4^J#qHqXWAe|}KLLRiCjDW0{tV*AP?6{Aw43<3L))on(xQVa>$D;vQFj#+O!VD+c& zPq-fAnb1;Z`Kpb0_f|so)l{o467N}P7yFuuEs3AeBl@ZA`|Y1zmqQ?|9DT2AofpX5HEDIp=_b`)FR05op?Se?@6k$y;S_^ma}oo9wF)cqknl)#*G@F zWLQ{O{)TT73e`cbv##YJa+YBMAr7)Ixl_TlYf#^w)8NF_9MFIsF9V92YZ2 zVsVGD&}hj@lGQ0$u#7Ah;UfP?yrqDE;oKlU?-8Fhx+Y^%3{7J zTX!VLFu1W&{`T+F4e#jMTk;PAn3kE5khRfRbU6tNO=jaOhjxUz{B!WPPeULO2-x@< z2vjky`*VDSi$52eY3w23bJ1V?wtOE64A^+NTx*+IDQ; zLhnOQEWv+tG72mhN2yAcShZXl4+|Pv6EHaQE=)+7)#N1vp6u48ohp;g>O5EXNeq#^ z+J^gM`~wZ@%T>sH+!KWaUGdm2y?S((|Igle09JKe>HmNbNJ#W1dK0}DQ%y10#<<(K z#*Q7A#Bny+O|sb}>)n4g$!4A6^s;f*PU6IlZE!ERH>yqVz4t0WfKWs5|9ArjK+(UEGRK<)Q)u4uG_$GU@c} z)=9xk56P8bz5=4|D~$V;=yWf1k z<_Qe=;Ny8NZV3w~7R$~hMT_kNGA@ZV!orFG#4g^=IV20qh4>Wj2)wyn6m5VISPHm$ zZB*tW7$_68OUDj43%d8^&JwsYu;9bUs#Q=+VALiDI^iy$6V6d(3=NRy&^r)O`B6H`UG?irtMq z0keQMOpp&5?c_^w37i3Da92za;MvQDUD8kOeOO>+s$)1T7gLVoxRl_=1w(_ZXfW8w z)J5vyJ8!$%xiXT0jz!XfMT=cb68cZE64p7wKDseT<|s1iI7W!>(MIePQnq(iaNpZ* zy3%FzBKR|mvkwJ60UR(nOqRehIyE8Pb}h`1%ByKduR=7jf*b3Q`MPT<|PZrg4D`{Y!EH3j=@@SvXdSW;Pf z@6n3;f?nz^W+(251!7%RL7aqd{l_otBkh!J7d4yUw15aKwqAbYjH}3*Tgb6Wi#3ds zfW1=mT^S!xV1Ns==8DauIwmXD53vB)!Ta8$|LfAeuhp*l70XNFSiE?d6Nh>0{xEEPR3j?iRia4G_mzqreQ= zDz~HAO2bYt@!A6F77C=GeR)Q*xnX2c*9;jw)P3~$aeGg|E`}Fl^@Qr%t03O%WT-KI z0aYm&Ts#N$*VKXzS}(WD-zbjOrDDcSmWy8dc5O7~HVX(_CXoA}11@lRt*1b+uzQes zP!NqARb2ZN6y!UZ1>c?PH%v#|wus?{D;`;ezNz%IKm6IB-;DQM>CvijYc2jb!Cz!_f*rbDEKT0=UIkAcA>F=4{gOc9=){rw`xXI{ zu$Kt@8nUa(vCnWh&e7QRrMLv>Z|ETUJ(_~}doT)d&n9yq?p|v* zY*AZpahbh{_XN1IO99XUH;HpbyTWXQX$KSRuvk8@TlY&3<%tE!xTMhC(RI}6ihenr zgkI7=^xC=&TgBF@>s*-$&JBPKAPUe9tE;h?b7UNQS2}sQ`Xc?~b;TJ1h+-{qTrmUz z1lNh_%-naj{wu6I^aTE=mw=Z*gc68&ewF(>de_gdkqNfC%&#P=xj|tex)aOP&##d+ z-Z{?l^XoYTbe>;(;HON1DX?o!zT#HwQOurqWqcmAFF$abHP_;IlNMtzLV}E4WR<}c zi4~dFOwI_xRid5f+|3lTVucpfxC#Y^X_-|Pet|E4mKI(t1~FjS0fdc0whgj%%#uO7 zL-7{~j7#>LZ98_k#UPjC+CWAZSV8Rcv6Dz(>Z&dnE@a~wF4qs@3v5>09@sYotZXf6 z{T^aJd`>K{9A&wIiA1npU&1AD z+FG}1CAXC|&h$A|I|RM}sKL%6MiyfLAP8fISQk#tI*x&hyAUyfIG=WB9Ko={hyi#D zj2>zPn85{w9cc^_SU~_eWPQSIkYnto1N`6;L_6Z1$(ZEcJ2iGfjEPXzxq^Iwi?Y^W z_5=nF&&fZ4h~QXIcQd(>MG82EOXx!RjJ)%dsSa?Pz^{9x`~F$X!xmyM5FD1V$1&U< z85hKhp$+&)+c1VYXsp3DTp>^`Ut>4Y!dS}|xUgBVxOS;899N&X<)$l~kxZ7b#R6?{ z9sGjWg5A?Q$mL0Km#AA6pks)I0+`ZNW1HAu7~|EUz<}%5yPGBHd0`p?{=g~)OukCY zv_)c5af|@YJTv|C)G1|pQrFCt&PkF1Fi8L$KpX*@_0q*(tDHaSzXXK_uwI~gcFFCB zG1powxJd%g=4*^>-m=RMi=E23L4QA`;M&AnOBFzItpIvr-c1!VllBcSC8`ep>LU3Z z%7O<&XOsFZZH?Xn$YZ?Vip?Cvh7NrdP!C`Rch&;+S+YX%d)2y40*AIbedWdy-vPj> z4-{hBPM!ccxc;I4DD)SYMZ~8I0pztEs}}cKVxqAyLH7mvkA6no)WOCOdXDmmz(=QN z)u60F0Q|y1Z_Z(Sw~+f9S^v1+7cT)Xf%B7qpI^^UUXh$#o#xlwS{wQKHIi0~^c+9G zMk=XD&-2!6DUxC#1p9zAe1JS_lvZ_+T#_g-Y<~3rzG}}rKiw_92oAhMMyy-ZX@SKK zI4%Zh0x9mf;~IfSd2*Xr?iNx6hNiHWT71cL<}Y?yhbqR+h+zXA&HA7y-oyg{&>5#i ze;XOsZ)#_*r52gEuaKsdK#rI<^|b@uK_C>26=K$G)Nb8sxqO9;Txu>Xr{iY~1>g;f zRp{>%w2Oa_ST)(%*)IJ&abC74vl5`%!}^EpagBTOsh5YhSwm7AGrQLP(8_JI|fBT;)JC7RhX?!T=(j zcYzkm|NQV>?mO;FEQS~48b*NVVs*Pa1~p%tzp(*`(X?6ah{OZIV0FwN85V$clmNU5 z3=UB;ijLD>w3Ca;60$>zjGf>*PUajypB~yt?65&Rx-fI^&_RszMkh-G!po!2;{^JB65PO8mVn4PPz zASSj5S+3?Ugq^ZQ@obvA%Wx08QZYwx*Q}#9Pgflo0`~~|&BLH~)1-Gt4)5=nkO1V1 z7O&QL4(VKOf|fm91-g&A>8Cxqb#frqm+reopuEEL>KK5}HIv5)RG#br9vFoLB%d*7 zk+MMz76YS^eed5Nb_+?)Cq?)x3icfSUW^@#|1-0QM8d&By#yO%u;!F;qlY?X2QH0l zT9C$lnfxqP*4lV-pF#UpOaF^8ZpKN4sK7!Y2>GYS9mqWg^Q zBM#C)^-%(1@0MF45)pKwHbqvn3~Zc`Xc%L;+EfZw0q7XcN3JIUp(#3-V@|SXy0B{t zk|Fe!u4OIYPF24kp4uJ-VFpx!9YlXapAj#MQl!W9uqEquC+G*piqqTf{Ls;&>k9Q> z+t#g|t1j>Bil1ta^;&##fm>3q)ez)zU8 zLc3!esO5IES=@Y80XI=97@RPFa<$vpN`WyS`=4(*!*BPVefEjiBF7X&5ddb0c13@t z?+C^SvjO)Om^)|gt-!Z3g2I&+F)#`-3e~J2sWPzA^+7j-a@Y{pznS(Bkd4 zOm;42JkN3kKAkDUihHqhH$^++Hz{!FLAf&#H1e%?XV?i*xWip!*r^K^b78L@^^X|E z1X#szA%HUPk0D8hv~d(P!6HptB;%Vi1b*rAPk7qSBpBo@ZURK+$T`wa!) zg$zqDc9=ke_dpgbf@!CqP+yDY%@lC|);o9YF9!Nxtl|O@UU%>e7u)X?#l@K-H53I^OP#pWWekOpWmV>mdsBEK24T?BND z9WzYXteV$2(1#2@6bwxmgSb=@2)K^og)r7$dE+C?l8YQ;@y9>-7pD(16uacP7v6CJ z?a@CNpFa{XM0_2XhI|Kb6b|~-B4eHmT_$r%NcZt~=s=Eub=Y)Y|EIg$_qd#pK@0}h zWde;SsEs)nw@q{dm+`!$L%&4*B2%f}VNDQ+Ekg^hKu2KE!n`2XT09DRfxy0N#Ezoi z`bfNn0|L5R2pr3i-#Hr!TNUt`zS={9co{!rwj-unwg9a)`u*hJURG=u%}092Ow9}H zHg0vB4`<#>@ni%-!uSYe3R5SoWedj+MOFX+FKF)CB=^0>jT*^KOl(rsO@=+PJ`vm* zFcntoV(CO!j%;{5^$c-_VEyC^gg-33yIXY^AJfRRvCH^Y*r4$cZZ)l=L;E&%n>G<< z3$$A=@Y}f>M)6r`^VR}4hhH+#1#S*sQ{bXC>54Hf_TM})7cn}b*&@X5N>^ZS^k0h> zq1bCtd^LY7FM%2@f%wj^Y=(uz>E~BJzt)t2<>%MvwPYon)r9vJbshmeAo0Hp^6rhv`_OoAqkX00qmkfTEpqWsc`kueZH&cdtUxu~D&qg`mv@IF-9{b5bC zXx6x>pOrjk>5_#ucI?=ahok!UIdz}j<3L7c$c;obGghAX%QVMSIHUVQ84c;b2c;*G zJ4QYr0)e^{1XgpL{?9e&(eUvSv_mlVctO5ztc--WD3%NW9ruJS`LqHVqt7VlKHN-_ z1!klOc*p&S>ll0JujZ01f5Y}k1Ta_q91qUn9vnMc?+S>K>lwNac38NM;u=bGfz-5L zMT#2_N3#T~WV_4x8|K+>{`YAE%%bn`Zl&oO_s)zW{T~`OAstk7zU~<6&Q1gA{fa*! zfqZWfn=wg@PwJsPV1GRQ-0N}~K5=&4x|v3ZlT&zqE?GBv`phsoyKd?sNbwi%yVX4* zb%z&pUR!NoAd8w-cqam8=V^@)UYrcoK;iv9{QJs&M#S{>lClo&8=AkWPXEEYV;q(B zeDTnKfh_!QFM(J{;QZ&;Q<`6=#&Ld~WSzx`MOXOwHDphfv^iKK`1v&!qa!-^^z&=! za*WpeTCr7b>CbdQA7xki(osY09c7(@slbAmG}3&=oxlZC)ElBK_+h2sD% zy5y|FcNCNjySgKkH3No1us9+^*N98{y8yKLxuRR^TmT<{9X>M%ik8l*1A~hNW&rwd zZ=SWZ5?(hk9ma_6UmECB+O?HE#xr(L?`*f;bd_8;mb-wy!8=#>-dvAd0OkgXV&6qf z9{vsrt_l77^>nFm-440~C_?QJoKujf%Q`u7fDVUr;UjG&Le;JSa=5$I(y6K%y{QK@9)}vqCBV64da^mm5@iHO5ReJBO zj0Ia;C9U>-RmFK5$t*y|yOTs8&x@?^_nbd6A+h4t=Q|Hh~^4l7dZ62 zE|OA(z|T=RpX6X(_hiakiq-u#Si8osuFnkJXxx4y{Uue{5{mfgRo(oNf&%h3vvVk7 zG|?1k=G=|-?t)@rnB%*j3d6&Fhud6jV@0^t#)s|Kx9m&R<8#kK6&y(OsAOlxqlwM{ zttBKf#s3Op5#hOtopJ=WhWbQAJ7!v1d2tqj%5cf|x)?lhcS*K=t*Rf^GSU4!^94ffF=<05(@UH`q01D&j zp2$qu`~SGy`+t=O;Ly;TiXFbBe8P?>R>idbX_VQM`5znb5yPb&em{SU!yj??5rygO z#+NZ=?8b+~wplk>$rSJ{uOT?rbTFN?SAv=7r57sD-czmgbAjZ` zBB%W%1{Fks4Yd8Xo@FTJADq9;`c~|g{NjIqDDPU-k#rYHUFdcPKY%?mWP69heRrvU zdQyebSN+TvPNoO-Je}6H1oXW-UK26f)bt<9cG{W=968cH0B{@dG><%8NYct0`R(tY zfjGhIZuj^1pkFf^i>l1l`1PtED!CS%21$=JtJAO?_fct2D~*tc$%PsdXT;4pm{BT- zi&6h)7RJUw+dWLCxkvi475Io?d}uHW9b(!4Y*b18j~a-&j;IUijemFFoFk@{#t4Db z?Gnyl%IuDpuem!rE%Jdhet2ufirKvwXe&d1O|+1gN59(RURc`f<{BFt>lvH8RdG&G zU(@*>1MT0ZJk#;hLH#>c$w?%Fw4PWf*bSFsqII1yWvN}}=4H;iooB}G}Nh~ZDd z()WLaNbFia&|ftKJU>EtX}OlZsXc&Y-sF`yXlT^#W0+*#Als5&rf#eBnWi}WDovXh z3<`W8?Ex_%FA#ngz0${v?%_X+3#-=0LJKo99bhu~&Q*XqkC3uj9ZIFDIsLKSogm+z zj2!QbA%JPbpM|zD>CC#KHcH;#Z4Pzoeur5gzoC+<8t=^74$QK| za-;pq&FN}&^OZ||szKlChhW-kGz~04l~>&YpDB*Hp}|g0Td!N^Xd!KF_ZjSD)vuy1 z-vIZB5Jv#UrsYP5Uz#nA8u^mPW;S$Tzgl+MY>o|putY$$=XRMkHdB@nUD-liN-xH# zue>({?L3!GRu7%1i(?4<28>Tp_bqpklH?)j`UM6uGwWMLsQGyN#|@2~;2M(-J=-b1 z)2`zR8NsA6F4S{xH-DN8#DA}VfvPH5&yf#D`->leNre`wnR-oo0LUGuS@-_C9B%uu zs=7|g|87sUaw^-6jLdx$F`cx~UYe7iUAfd#0&GnPpN_ThRLa1F>H z={H!W9ZEXD0>)bA$dd0s7Nql<^?nW~CHJXMwT3A?fqo)C9%O>B1 z<_u51#j?b*gu}&pwm(a-69j***;m~mmo-1{LS!I!rkRZ6KF^>M#hxIwU5|>?6{7z- z@}9E8rR#d&4PCG)A38znG^pp|evL+2-#IMo*MVuD;oU(biZ|FUVvr90=sg}U8v3xC zkx4B{{a!YjVkDW+@hJ?I3aA6zZU(p>sn!iOO&xr!vR}jYvsrC9tya%%@th6Af5G1c zzXG{Qb(aUu)6b4Kc79R}`{%AL%%ZgmJMPG_h(X*pH*}3c>eACKcWZB9&ddK`y_(An zoG?17!xCGWG|!K<%F8Y876lBHh?s2<-|{m1Nv6zGWfcxMy*QJoagW#7{Ni~?MW6sK z{OZ`98^F_Og4Nxmq8iV65J`p}nq+S$Zd27F8!<8Qn$rH=Q2VL#5i-*3%n&1ZtKnz2 zV?%rYd5B;zTh!4@5PfXQ`*1gDTvwX$+n8M#tPq)O=hW#2ZC@Tv>X?WK5J7MKd9K+S z{JrbnnCgOtOJS~i_oNrB!G=@gfo@1^42;CRkrb=TmjoYc1shg@LO_JaX9@WMhtez* zGhx?!JTLFdugP0KvS{({E%Kti9v^=g%(?UfO(Nah{k02c(B{5Nb{-5bz6pMv`XRMj zF^J%QH~O`d{@iUC5*!8w_FRNxHhxe0 zE4e^uohBdFmIi(5RS>fF-tl{*A-Nv7e}eh=WlS|Ze@}CN3dGL%)J4qb6&v!nj;MBO z+)MAd6hG_jj}t9(M@JhPS3jgr_U#MK=eQjjXEQ(iJN?G-Pw%h=jxg(u&0d<%`((zh zAq}Hf;4FiT8D^0^_)GIdc?)`8DC`U&T+^#DN(?fa$QCPq^Z0_Zb|TUuc*%auF7V_o zwg5?0j^mJu_vfmVx@?8c8uZLE^q5=_P^ zlAoqBcukJ743IcPK0HZ=gYNhRse*C2J2o=+?veo);UP$i9vkqwpVCC)Nzr4@MMp+| zk^kA+(BsB!7zM5_BiiN)HKVgX%SsP8Yd_Gj+_Ogh&YB6I7%+HM!m+Ldi9wflL#!+#@7Cw2fM(>8_6cJ%ex=mC(2C^%LPL!Xs<#%#j_ zRwE*WN!fdwp`L5HdE|#hpG=iKeE2(PVaRjAsZCVOb!Bd*!>@6BB*_Sf z9ju9R;)7+%1PWQGb(ys&WOrH4xoxzF?D@h8IHjUR_f#Hx_uX~W`l&bRt5W_h!7Bm_>i~+5?KX!; zH-0tXRBg|eeaCrU4E;~eg>!%T>sq76vD1dzlX;~x(nQwTyZXc*%+Un?b2=|V6=_g7E!TLVFBmsOkHT9g0SIU=zf*ukdO&V-dQ19=P=JpQ|hW%6dbtaj3+N6P+}vQXv3GnpO(#USeSW)x}IGx_d6j5qd> zkwtahB?V>Ft)DKN%vpwn-AmF5`4~=c!f7!0)q(4xt}B+Wm6Ac8+w60A7cqvCK)>^b zWSPfazq2)~FyN6gHLS>Lpg>UMy#PI+#@uP+ZY9%fBI+sh$^j$4tTjN!PPF^!6&Jbe z&14R^{&?q;*FP3dc6m?#A6_saH+h+3&d6iQr$;HtN|2t6$OqpMK5re`WKTIJd!2ld zZ5u>inAG2fppbLibZnUJ<6+tY0xGQ2YYv_n#2N&KP=rfSP5S{QeKG zmrb~9z2eD9qJP;qiSNIDxjkatZKCu+e0lk1+~QHMr|~4*I*mwMYmH4MHU#b?mkj~F z43;zCw>~uuIy3}jCoS1guo=f^@Y=Y|S-r96EEP0b=BUU2#M#`*56TRuQxXcjIbSVj zM$M0e|2i*fkfrkIyV?2L?(7Y-iULkbX?tE+4%jh@vq1eP+Hx4R;hrl(3)p_!?x8U6 z>&z|`v~r;1-K5I|P>oRs$&n@&3iMI&=A2{jS$I!ggCIw&#k>23O-RJ8co~!r{Y<(F z@DM~UYu~a58;BthM~m*+Mz_|{RKUKjtr5(vBIYq=4!%V72^Eb0L#V5L|A$a}{zIs4 zFG(NLcyon%loGFl`6FPV@QAMDalgx9+{YyiR_SZh*n- z0h8_52Ug&eFh01ua44^4~a3)zUSrH${?5PPQUr#&l-dM)M5kX=-O<#LfOuzO>1SG zoNDsXF{-#2OFzVC_$@*$zFqpNgq!P_qICvz0(@&RJ#hWzVUR~?2A`3Oq~BTnBN8|6 zI(^R+B@8%e72z@K{QY>*VIk47zJJ!e=+?1a+lodF3MvoS$ZUyp@;*me_z*ply$A?j z7XUsYWqQu7!$c@#<%{-nejpqNumq=Zh-j)c%dJV^T1@d)D_;GB+%9tmpbVY`vrZqr zYm12}=x^e`^;yCr zv?~3-o0hwWx@j&u#ti4iUZHjrlaM+G<1tJb2V2keLRm_>H!cTMe=fbm!s9kHW*N_+W zpOz2t23|cXUk_hz-*#x$%8zI8dS3GVKKjs+tCO~fwP&gpMeXNZj(G9LN9k|hP4TN? zJMM^nr<&DPi03r1)j9of@^2rM)7cqxrOEYtjm*Z3y-~^9+N{b#W+66QFbp>8eF^6X%?-lNkN&)xyYz%yt?slB#3}0b=$=VleATf z+MdVyS_yUJ0iXEZ#IcqUDW0R9rY0h|jIRCXq39S=;a3RG)eawk-Io3TW4aqIdo>TeIBz*r zzFf^_XJ_9rwFXFzBr{=)eGPmmux%p~GH3Vq_ap=)7a7yu`j#60m-t4`S$hK!i{214 zuhJ1X=9)ynr1~dj`0wM$(AwDOsPC!&$ssH~RHL{I5scQKJsMhU17hZ3%PZU-*NI|Ka#*!_0&9Z=g8|hC_|>`; z(2S`k3*l$CVK&JD1!z?~aRI^Pi>jyJVhR11R_tsGY+ZhYX$}Y`%0A`)gV%lehAcG4 z(C0>dTZ$Hs^VXsIIs^;fy7f%|;}BX;`s=QGHCx}jdPpEw*3f8)1*nl9c>h6Fn)2SJ z$iEHV8AS|d=3POnZuf`a^my#PulXr-TaAEgC%f#4k~G)3R!|5EQ(4`v-xgUvlu!=c zal&$7!Pzrs6f5YbC=0x;(DCs}-(i;OUo%t0b+w%$zITDttNRlZHZ6{qTqeyyk#?#D z(>zNOi7!O!yF)rmHrAo0DmR;t2@%^PjV`c-{1%UC0!g1cN4=2`4CvCXt4$5h25^lK zeolh^qj>985|0{cYChSwerHR?6F}l2wQQP9wE&*4i0i}Sa4YM)(vmX8=0qFb<9|K` zNdJ>B&qQler=-sPsOQT*iO8ROFx z)XUl50B(9zqR|j>-sb7)*}oiDb9K=3<}+&93`hek-M<5$5JwB;JSixqB!PkcG%|%5ddHX9CyM%d`A+;A0t#v3DqmQ+U#B1V8 z$&BD^Z>p7sU1wfN$yK|L1oO{+#Y?vN@$F~J3%bkub{P9kXSZ9C=Qp6hU>nri{y$lhv5zEv+pU`0txITmT1TbZk=SGxaHBK}TtvfsJbzOc%9d5al_qro)_SjF*}L$$;RZmeLkysi7v+ z2yveMZ}Ahx{rud9iyDe*TVj3BjIPLn%`hn9VpvvE^4=>}a{ud6c-rtv8jO_%RY9oE z@f~@}$NPN%m%{R4C>a$Vcep5DPZ9ioROI(A7Gs$6kU<-3VOjLUB*xb!cU)4&xVIl2 z96ifQ=d!PjvuDr@o!EW~h*z!~$)ceRgSOdimuw4!Ep789Vi!7|$Rzz*x50f)ENkI()NMj1rgx8*X!ket<=@p+2wnL6kf`CcqSMT<2Pc8U_--D-dL9HvpZhY^t*Hrm@q=q zCG}-@qGv33lcGj8q)-jMqh>R3bL;kg8qeHH@Kim0P!!`a>mFWda&xNu^yGN6|La7o ziD`QmtzA<>;QJ3%)7ba7&(dl=x1+6{<^iizOfkQ&zx1{f(ax|FS}H$ZZ%vD-s6i0X z3+c!W!Cbe?TubvjZ;IbXh^y=Q#}Vy$M?xGdET&)oPU~*=gR-^hG9(5;uV7{BbSB_h z270s?k8Ts}z+1bevdPuc)&lh2rs{rg9n-4!Gg%Uu?X$)r;Io;qgzOw4l04=q81CP3 zgZiso?gcLH)zHKCKMirA1uO;{x`#5wEEr?SMlGgs)A7nP-ialV9t={yZeA`)go{4W zpuAV6CdWtp(MaHF2G)(7s-D>fHOnk}>N&oLYwOLYiV>#?xZxdI7xv95OMS$2C2yrN zYu;1MDKJ%Xo2`A!ebz)b(valPA@Slk@K54IYTHbQIKjF_5n^kY_MoS0thG%Ip4?Jb z$9(h5FB6tlA=C8+-v!z}f7W$to-6E-bj&o7`dTre-k~6HSi<*6Z-v!u9r2gC$5FRj zBi$V0z3*|Rt0~1=w%4jtx3!rZ_F#jUP7W;*S;hA!v7F`)y(9!46vvEp4u@&C{5QO6 zap8g|q6V~FZG^`X>iOw;7MhNslb0}O!$#mHyBZD8lnl}()`Z7FNvhSIS9Ru0ZGY<2 zWw1UXZd~`B@3BS%1!^z#JKvDs$ zF|W8ht6q2>u7}_f(rOL1y|tUfdec94xLlLUS_NUC;NH*P-)LHUc-Im9falPJ_W6u@ z>0)aHhE*~LP8q;y?T))d0r@E6PXoks;8nispG6Q1p4~ByF}-SPL#yUb^V4p7+WSYF ze(iSKY;0_XVQpU$4Uma1N+o0+A3syJxXcI9NqW^^A51SFIlW_~UV=Z46fUFW%_m37 zHr0`9v=!_Yn*K&*e&v%)U?LVIYbB=~tl92j?%oY+QT67H3*&x`zC9koO9K=^MZ zPrg5r)D!Lu|0S-+hl17Jg4)70wC6(Bh-_Y927ZAXjAu;R{D}E{i~pp)(BZ#cxQnLU z+f?)vU8tK42}ie8p_M49Q>T|1yVgEJyF#}OFgZ!({mw}g;YfEdC-=l8c=9cgNwQO@ zP8+j!J~~BK_X=b9E%qjk!9?k6TqE3Tgak(9%^2|s6Mv^&B6hnPjhI^PN=->5x$D3l z!_8&F{ete92`2p7!zRiz#q*%PW-(x`-YI4_C8Ef3sDLay$(cGz6!JFj(1+IhJLcN_ zeoU2xsZdEFT22s&VLoD6$b>&6Xt^}g5D*cCCZp7}7kCUc(&$+ah7R`ojyknT?XNDJ zc9cFX5a?~_mpmPPd}8==SaPf1E&9nHvKcmLj*%=aK6Wee|9JtxEBZw72||d-4$5Va zl}OZPG7$+iLdtdJ4G?}<9?yU&3m*e?TUVtGH8u640!#u+mHsO`X?DzgydmPPx3&B|Xece8(}ZPR8|$-|@#Y{kajn67%+5DnFBJ zyxltTDb9%avC@=Lb3-S_yntcvbQfsYC2-k)w{4Az=Yqa0?? z%HLAwlV&lQnWa&VPjowE8rHq)#TA7W8*iLuek+b2SdRdwzt6+XEYP$tRnO$Hk%D<@o_fMC z{5t%Wy^-oGYmwkHpI;weNcDRkP$EcdTk|uWSr^Nu7zXKAj~QqSsutX|pv7-yQwYU` zpzOg~!$(#lw({pQ8}e?v&!mH~H53+W3}lQOe42rE;n?yU_&&t@XdXH=k_T)Ao9Ml9 zl9?KOThlBr#g_iIlcIUG^^TI9t~hpHdF0~Md!mV>hqNjcJ()7Jf{sGBe1GmAV9ue} z8 zX*0hJZ!uovJ01F>>c@On^w{OHnq;OS_9Nb%oNUgl2+35K#bs}MLyJ^;eF4dARk6JM zJ5;&=c3DPQ#d>?}j-{7|f>Dz>dB3G)w%!~OXO%7-w7}Uib<|bRm#|}ce-6KIcDdKv zp+j}^??2gDc!MVE1blGK22s?wanDJ&_Rk)x>2{Z8WAxXt9|-B6x5PJ-B@ig1^?r$x zJmc#7OV9Nt?rRn;Pp_$!Rmt(vA)&>u#sG`9pe{^;rJ7Qg#i^B+(~h;j;|zb2zr8FP z3MfVokJvmSyUsDu6(dv!YXOMauhsgj6R?>#aQXPxC=jnSDQ-VUjYF+bBL}t*ghNGB zC@i%_c+u#*XwDwFx!yYUMq74iDu1QjY#`C=!`tj~{~3HIr^#wpW7Q!hah}`yND^k} zSm(Tl8K=)Yv@gPK?=hw@{zM}hyxW3K*&G6}aHu3tXrv>i2LfrtYG#cOEWE*A*SkZK zQ@u|mnrplfElEK=AtMD^mX=c5IaCldgLm|VKBkuk>@P9(C%I|a@$^=jfffg?a77-K z3Pco<+?LgmO|fy_OGTzq8Ap~vlI27VgS@`LA&3%=#NHI(iBtBdHdo>v7U@Swgm=3e z_<$$nVAXY$+Dft69;GH|YCmaok|j2oa|H;ic9pz6@g6~6B=_+wCvnX`o)4zw3KuDy zvOvXWc{h67IhC8i%vJ;d9>Z0u{Xze=?uej-6yp=7Mr0Rq)TaZ{L~*s779XduC*-wK+&0tR#C|hwj z64r~-N)hr!t`YF==W)jYGr|~L7#F=}JVq9)c?>j689GLv5^)V z;?vzT4HF=NvdO2YX^PYOpZ-|~ty=1l<;LCiW7o#ZD({i5Q5CZdOt}1#9?whVW{5r8 zerv<-$UZzUZ8HL;q2u^Ax5F7zZ8@eLw^N5;n^%2KSelASixOpW53hN0f2%jC;I(Yu zx@lEDk!X^a%3syFtafx*`$EDbzIPRfN8<(dgUE)3C*uC(GU!d7RSpUj#pqW(#X77{ z<=|Zxo^!ujzot7B^_PZjyjn7{nv>)R;*80E>BlGQ9d7lEUgaiDwu!l! zJ|=*v(nw34nJ`PK|UCN@_%={IV91;*YR~9fa2UqFo~jVR!-UX z@S>t--nR&tmy^u7-x4;z?~Fn#gipXapW0AVN`?fF2=jd%AI8cD1Ci53HLr&h#6mcObl z3M$Hbv?MZUNFx#)9&ghZB4me$s$S!Q?BsT6xU6#ARvcSX`LEv63~cEyi%`tuj=yQ%j6l7Yz$t-t0A?z`5z0Z*&G*w0I$J^S*iTDr2XA-1W(_ zk>VFw2HyU{;3HPvxy2RK%Ih8x|4M@B&@L{TO}e3UxO(lueE+J@1MQFN`@582!~y>* zueWfqi_aE5dTOU>00o>`;M)gaUL_AZEp8qN9Xj!Xu%jcOtgq#^ryWsN#Ei;4v-s z*KE$~4cQ%n(GtFx^nBV(G{8f$W9ZL#;j(yHsJBc%w%@Q*x$tLcb;->a67O9wX|#Dv z0bFHxmh?tZ!{!ota+`Eqp_BL~EWM7YG$8_w?f81iWFI5w2u>Ic*-;$E#|V-MssPpM z*l$wi;}OIO^F>->phiWNLUhGHB(OBr*es1hvz1u6X~6Q64&}tn*Co_G1d+oEo*;(= z_Y}1y8BZF67q{7u3B_M;TWf$g-IA|vX{aPXe0mX&C`gIRynAC(+fa)UK>wE22zgN+ zM&3~!1$`ARSlXTE;Il;%u`2^#ermhlNit#YXu}1+|7*ib9*MU|zxSmG?USIxmmW%A zT?c{l5&}c`QRbOX2xG{Hg$^0yJvQzaGvKwM*x7IL5ARx-9`2GC>Hq-5k%GTO;0*t7 za*_R6)|;~!@AzX$5i@kp?0#-iMjn-(MTn#e%wpMw*krB||CaELGxlkofWiMSJkAPF>Dq*V{@6D58K6S zd=WC=ow*%>AED)#KsZ$3n(#`WnjazPJA(}7lQ98e7go^?*a3Bs587gL9=>*}pn%e_%|94_tmk=A== zkPF>~8E>0E6d}f&1POmmCM++~cC8chyvFdleVz*WDDuB;FmVVZa;Wk&7k%foIWZiq9lx!_rdZC$ezQyO!N@ zg^UvNc}&Wnqwg#D?9#%+A_bMhw=RE0-sC>6^F*L0elT)#V;EvVe}fpA6WfJ1>Ii;> zw?}!pYTF6CvnYH7QEhNDus&8x@F6 z%CJtfFYQb#nXH7>_=e1ZZ2D9rol))?=M?j=iH^QOW;YV%7u$~Yy(%OMWjVDZM{rH{0YIb60%>l<0`LvrNoRJ z=AUkG8&97e;opgVsIJ|?;W8oX<^j7Qi<$lCc*7}otV!7K^WP$|k(}0TUr7Ib<^PpK z5$Uhg5}vm`Ow^oP*JB#A_ccCcP929wcF7EEcKSE^%pexH((e}i$ ziLo%4bPA;GDJc|A+jw%U{VRW+8E+{z5*;x=L@jL3-_Y|88HY&`8FbIE-qW8v0v8Tx zaJc338!eK)Y5HsWa{O74+uqmMxZ9Z@P85hs{>PK7T$&w$Ko2>!ly{G8Ewr_<{_8@^ zqu9f*w@b4g#b2A>a&3iSux&P^*0%EX03VDZykfBKn*5oe`hbKMl=t1zMj;T2a*<{F zA)e5!`M{V}69ykA^fOH;1j_j5Lw|;a;}c?|;UJ^N`j5TRl@4)X1EZa@Eq2;vvnKVx z=#4D2@?m%$50a10SQn3~!Z5eLtL&;A!v(hf9>XbjQA5 zxDqk6C+d;EcWd7V9 z0qmpWsO)JJ1mI&J&NQ_>=XLhChbv7snNdo`7kV^b1;`dUnkiMS-0(fZg4KDzehtzF z1B|WI*HCQyO!vQ$sh1J57Q;57zBYOaD4m$TNRNFhG3DAG3Nl^8oJ}U{AouspSVP20+BghVT~E6e7sj?GAwcyP;#`p^2+gyRJjklf?l z;G4GEIVxGtQX6j5;;0RjwOvPmXkI+}DEY6Z{xgZ^o)`+DKccqd>$=X-7)-4!8B61G zkaNOy&f4M|r_2KI*{g^!Z ztdt7FtDLckHoayWJ_wKevl_|PI}-5pa1VDH_@YctxPp!|a{hRgC-tue7n|kEC!r{O z+Pjv0_^vNYg#vicMD&7&=-5`xiU>r389q`w(ZLja)WIF1gf?VfvMQQ|vNOp3MtX#Ql_P$taGRB`%PI;D=37naU`6A22 zDBY%Q76RBvVwh;8V!+1v)n&EWbe?*YP(-1mX`CrX3=J{-Q!ZNLz`Me3ltd$Ql7s8U zvj6?Ct$Uw#u~xSwds33Jsi^~cdr#-OcF>npspwLu?&XwSc}Gd#V_Siyi>)N3D-Y6I zX-;{`CM(R%y$Bi^!-P+nR$X!wrJG%4nj^GqEYm|ClbmaM3bu5IAco}*EA6ge8Y0zG z4RqRp=qt~@5!!*YO$RA-ZQG~MM*c!Qz37?y&Bta@+dQUJ`?um)e_ArvgokqA0~8R+ z%;bd{%I8Mmn5ba*Myrx0a#)IIuug;hN&iLA!>E&=ywPX3POH!A-PQ@1TxH!4Nj~OT zkDRawjgC7>DJ-4M_IvizEcCg#)ChSre;Q%;Zed+lctmfJ;*=dO8`1KzNBlj)+g$?r zfZaBdKr8jTji8oHRhXW+a*WODK}_c2Qm z@brYp`OmxQm1{L#+wh#`H1q1*JS+7THWTvwDzs>y7k^}3iXs=Z_Q6NhMD8=1MTe(B zBK4Dm!Zl7nJ2V$VFxierrv4r7^_B#|xCcm-W0(sGca4)13mQZN-X|v02Sn2=#j_F- zR=XG0CQTbR34P;}Ck4;HRnvPAUdvnV4VR)*2Gt-K7R6UGX zYlhREk;lRrRip{~|EY3_l6X>D{+Ix$6*M1%B>?PbVpSai?#w2qsS@=i!%R$rObit%mfRZBuRg9v2GYdDyi+`RCQ$DJeHA z;3P?d(>TBdP ztr+O>yKC(woDz?X#{D8pJ$!nCy}#kqjLO4?US1*CRj%jZvo>B)U!2easFk-m?I-Et z?-yi?K17eRDcJu2WIJ3KK5QLt*G`UNsFePe>6v z6D}+{R)DQ)p<;_LCHrwP!X0F9Ep4Yl{o$1^QIL=l!;DnVT@>ecSANjDb)B0rhOwQN z3AfH0A;f4{7<4_zy+w-qMhVm=f31Vd*T0IzlJLw!)#F4VC?kv7_pRbXFSm(tA!yQ! zzEQ$=_e@!7E;%CA*suEkd<(~@hDnQz+l2xcbzE4MdeOMAG+(4%daKbXBbrh?4U5d(G`e#~ z6ePahSGR2a5Psjs9uxPn#RznSW)&FokpO0f5}ILWvEw&MZi@0J9l@Www)R@9Q>LP3 zRUv!@WO5~D1d-nk)=o#I32XwtXZbg?tY)ix_Ygen`DklOxlcqVs&?9<>-Jz$!jyzJ z=xUFWWs-YTzx`sD#-^UL^qp08O$2d!zBp|4tD}sETEH!`_9fj?5`$!(GwlR3T44sS zLT;X&-Y%&U$A7vOjtbb@njlCW1!^dl4y!uxgvX!^KZrO;AM#Q@OtVw9FJt%{+Jd#~ zw}9u}ecC?-?WyoQBBHz(PXVjo9?!xo8E&(@Z~4ZS={&X>5m5}2}1j%yGTd4f>d)sH8rhfB$Q`;5~kjGKR|M{L&SFA1Vc2RhNQr5>{ zD}Zyq@lO?C<=z3xJcC)RCjVNA$Y-04n_Ed%!z^I*x*k_9r|dYN3&5JXerB-^elI>ZC&Gr}4!G6AWwJw1y_quYSDa5L z!H(WT8T}zxnT77b*KYfaw+%_|D=m$8hUh!`tK_QqR4iUon0MkaXqA$>L4`|o}wOySr5KuMFBW583hxJMcwUX?sp3n!d;gd`$MfU`#{VP zihw?mYmkLh>D{Moh6~tlFr&u_&)yr;3{T1aF1K*BiYKbvs-3*gtFFDhKAx-nsALHy zbibq0yc);>zj7)4{zFMxW3#aC(0!i8^sW3xNnB|_mvxr!(UKywe^Pkf^UPNvr|rCc zU4P?C%l+#qtOYTqdJp7#wtf&dp5{LJfU90a7QBrZ6o36ksBdDN_k|@*Iz9#zaia`& zW=~9Ar|>p_v9?oCF`Sug@0k1Pg^OiBZ`)T=VNG_XIUNt^k&|VHlQO(Bvt*7awK{_9 zT$6{_%y#&n!-B{b3Jwns&o=H&m%2lMLs-sX(wTSOkpJX}1q!m15A70DbzwpOu)*k5 z6Ln&!*Y$Ia$%7C|4U(z!;ZXwUtC!L-*XxXCY2Z|RbpR=>zchZn;Wa>cGan=4K>9cv z)@J4?OY?bFz5_zhv7hbaUSMZizx1nWh;F%QY6Q)SI%Huj>Q~s$)x@E@mvoZ@8+Y!& zfA0Jp=Wf)l4`s(}tqgaidnUf4$RjHPna=} zycuN0-o&SFS9&~+UjPHzMHc0Anfo;#Pbp29GmGj%@4fj@ri19!Mn}H!PPC?j<|^bc zv~RMGADre*=SBonIC zU#v$LmU1n8j3eZ0NA;G07zU%kU*sSmoL8P~aEY-Or7LUCdZVyz{W*AV2tXZQ8|4J9 zu=3+gma8>0#mR2I$QCYmtxo7az0{cdJXGaF>J7@f;WDSHPQ{Fil$YJo7nv&=&9ns}n=BWCI-fk~DpgAwSR+*~s< zO`2Xh-_b-dmMQFo8a|sYauJftC3{wO8boY9AuX8d!$NihbGa^nNlUmWO?*@qyTVSp zo`s-pS+vCaty8DM6%3d_PV%q(Y4Q2e%?3rSUH0cTpCbOohN#2vPtyGE3w?0589DvlZ6wp)#B zAPkKPJ?gqNJ?p;(l9p1kcavg6M|$AIsrj{7TJbTtfRb~4vnkAX4hk61!Mjndyq?AN zho$J>i3EFF+C%VcLFWj}r+@!o&o`XH<0WxBTw6Zd4?JMxvF+*WSZzQ-HelZ8S_Q9f z@-4wA3y!P8US2q6l=RtE;Wyr4QVHLJ-cO9E_${`z5!y!Yy_)*HoB>OdmglNjiJU%6 zwHEJSrq>aB5~2TWyD>2r@i>%lqa&pg>Lf%=pTvvdOy(GZ-~U@!f4y`h+T%C9w;d!H zjOumoZ)(>b+Vx<^1~NU-B9XYE{a>CvrkIg`&TRM?w6%M?1|a>)`q>#>@-M=cnf!Um zT=mHe$k3)3`$cRAH7y1FnyS9&4!@PHo~EjFi1GuYh+D+LBgZAC7_GG+86n1P)`s+B zo{bzCmQanIw`AGA5i6ivhCYu=^iO8~>az}Slu=u^;SPGOnjW(a&bU4A$?|2@5ypJd zbC3egt)CkvZo2Q6C?Uwi58uwuqi4^q^IP$jKGD)DDHwU$8a9m2w<*x6PG4toanmd> z7}Ty?Hh&$Ukn1BZNo=U`rMzZbETo@a6*RXbmJ2zb?n*Tk@Kc%M6!Ow&!xmiB`dT=r zAC86gjF~BV^#zt``dcdsDtZlinA zX;pkoMcz)(rNKT8CF7HLkq$rG$Bvpk+#ZbmRMy*rMzn?*jkiq(CP*luK!tjVI}~F& zwPo!8Oxj*q4$Y8tH&mrxlp*3c3Np)fkIVXhe7$3MWL*=e-RaoY#Gcr;CYadv#5N|j zZ6_1kwrx9^SQ9(>`gza!d%kP^?0xO-UZ|>7xC^N~5mF0a+UB$rN^P8U^8L>{tUhE;0OhLPXFIEv*~YIMyF zi5k&^d4)I(nd!8sSFK%4?`d&_aS7;GCstzW#QPL%op27_=UzpBT5Xobv(K#u^z-d# zRck^Bj1;Bcg-bm*<22ay%(NN@Nq)iN?36|4mEBQT0i6Xw?HZCL$jwY}L!+b2W9 zI?d3==v}_W`F=u%`dGFA$*{|$+5YcRkY**6LHeshy)sF_sPz7NW6D0YZV)Ic*3#*6e;c^QxMZ_xI7RKR&BKIVB~UqLSl`p2qM+u zbTcr=Yma`TbjW*-p>&)6x8W5{r=;&a)@+;R zogD<83Qkx*=$OYFMSP{Pa3-B&B0 z4FKqa_+-tIvbnlC9iWz!Uyl+8JN6#+WE?Kjddayk?m`XrED37V z?Se!BpD6fIOLj}>)1$%yCJGsj17g@z2w1oddRXD7u2ZVUMGXsCUJl;OaH+J!?CoAj z`?z2bTa_x;gVErN8T@W_I_QG1r%U~2(C-jjFuv@63BLV2>-c6hsAa^u+j>v^;Xbjv zg(Q~weMJkP5^&bw?-#iP%DJFxQm+T!9Su1avR}HnseJjNR_cfNw_IJ@{euddWh{v< z^9>1K#X5=qEOkws2Wl32D`2z#7dB8Sf(Us<@T7)xi`=j<@C3O^t5Joooe;^d7%|Rw zg&})0WL&!Lc9bS!+xa8^PtF05|7ZN?f~LP5Lz&k=F1EU0udVZy-)Gn6+p^e4s5_`I zF6@8ROB7>zFn1N!f}k5vN!Q2wHv(=bH)>mYXbHyoofvMigFr|ucpITqL(#W(;^|g8 z8P&@0tj*sez;+R553IpV@k25freWkL$a%Pf5I}96BmnUO1?UOIYex6DN^e|8i1BI4 z{KGIlW=1dsYZsAtG{+lS2MP!4v(~>_H44z1qsao4WS@2d4eJ~v0Y%^QSx!QIhz!&5}ZkZvJcy`*HdPM z%cusdK*$PPgk4fFt9~%SKG@{0zrqf@8j;bdFxIvs`$Mp;u$I$(WPLl?Mz zRw)Ljgs-PRtka$A_m4*Dsb^77bfZkMP)H(M6A1S4Q^|5;jCw(R>6b^vpnsaCY%Zor z050ctekSW$WeNfJD*$H)KO#1<8FepBWRHr>N@U$$BcmaW3h9*}S+*$v+5oCG0P!yi zz#kx691s2@UU1J&65b_<+TD~Nf7WZ`=j4o=j@A(#p7f_K(kJI~wanV}0`=ewQ61YD zmN+Kq7A!ONjb~THW<`r9=eRWu{-Y&1O>;%Id-7BeM|&;>_B`Pgj$@}<7q0|-;27Vi zFuK(w4=~saH`*~%rC(6?r4h=81|LP2*2)Kc@L*)?^mU~NjF%>^zN=Vn0oy+RkID99 zU83U715`X=d%l<;G{6a0==DU?xiOi}YO|Y{|4RTYa`^-9{@j(-1q=SpEZ2AIrSSkQ zpwF*91XW~K69H}WHwreqO_WgYH>^vXADcD)8WaG0j5KOLPR-YmkMCK5Ua0dmFloc>s(ZTC=?X5C!8oqtOS4{K6qzesQ{@OB=0tk+Mu{$X!`L0 z1?f-TnA-0F*{)|t*FPnY>cW9lqY29OhaS_#1rONp1?M?@^+Y)KUcYo&38wphHc!BS zJcJSq;JENB%AU43fJNa+f*f2;QFdg;z8H2Wv>Ca*&(_c-BydfQ&3crshhZsD@vXKS z(sBKX9yQAGREwZ%9{xyNm!;FCtI`hiW&aINdkgLBUR3?r-eqokdwe`k6d%9b#9-F*Eox{dSZ5XaZi2XI9FdnX2ZjMx-T=udkuwq$B@e17N>|WN*aP$@C8O8bGl(w=Z4}#jaX-$H zB4h0qTf-Lf%4XDaWL$y-B%gi8g-vh3pPNaM>wQyrCzvA$hMFir9X`BLpLMXVpIbOR zOwfsk0mC?=*9osYRGckoSG?3eeo}!kE8BL?4>40$Av#PHeb6X@>M1%fqJ-f-kbD0w zaSGUbhPfd=Xt%wW#sV$Tz2J16q;ExtmS7jcnJ6ryY8EfbBVFlTh^~D+bI}5!Tis`vqwL;b6OTv{5BLX4=%n=jYY~3Dm->j1ikBpKhQcfP z(}|mSB9J3YRHz5A#oZ{1&dy`u5XX_A$fbW4Abe#ko%ni03k!yrcJukwX`o%H*RfW` zojzg2-6J>m4p))GeDdG%7&bx}e9ZyX8|n7XW$4p3kJEpoGn^CxP>e?qoZvGrrL`xf znRj73@@ym1#FIbkghI9kt=BK=oYrL)~c4lFknb0_A`E*liM3r>V)c8 zN6eOiLT^lzv<9dVMV5DIULYvTTjLX|vlZS9&y}J%6$UhyICO*Qson?53f?JHU zuW};IRE<2ItjBh6l=XDkUwB_t$8d;m zJoV39aYIeAp3&MM0H?!wZx9GfYM}kMtEBXFnHob|oEo%f9!8DR0uX|7F*N+mwMC`- zgJjnc&tCu{lG2avDm6=vFSnxRTTR|nWKy|%>`xo-lx_OP0Kt{YL&{$#2TL;?v0$hwf^k;xx1zdI9HSEd#;bSXKUkW z-^T>cml1c&MWAcg6EClyys-v;jl25g`5mZ8{<|n}Fg^14eZ7CCrf41On0EveM~y<# z4G#U!DA)r*#}s04&=l_M6q_s2fx7+PH-%(paf||W!Z0#$OsE*HZqQ@0MGXOF^&Nz^ zLXgKQkDLhK0!>?TrZ^2cu%cHXV({(1^}q}5!Fzgnos1kSof zjTzw|Kx3sag1BJy5IDT8;@g$kB0`tII^zOegNog82rH^V8H6PO{+vWzJ^;0TXt7V6 zW*t&Dayz&TL*5U_FZZJ)egK+#g#o%i{N~V{^B&o=6y%oPxp>`Afq|!44{kSXDeyg@ zUNG+o?a2j^CO}{_I*Q(T5YK!rwKiA3kWtxpBvKSe_zY`h=Gu)n5u5G%{oEWI#Z20w z7ikwc(plXm>l}$+)!KKTMX5#)K~ILSM5vl#hdAgTdXka@|8(Sx@~vFam#!9XichiN z8HGX@g&#?*7v|S~)mtgvQLK{GQ0J9MeDCvD7y1a;5ct!9`HH^Y)?D?( z&dmRT)QKej4^rniDGbs`(bgbLT{VPJ!?!NKLrl7YBKdv2O_2<(io7fLPHW-~_eD%S ziBfv2QiTEiMc+rX(jbU{8%@>rSc#g5c3P79Fh)cZyc2fZIAyk$#iPb zVD9ZzCmmEZ-T1!Ix%ap)s@BJpS9bhuc<$+fAdTVf?*BcGslY()`P|O;wg2}s z|9yfT1%muJ^|2-UDu7tt|L^f1_2XsN*#nHY<0D2Mat)?@UsLrfi$F? zrEDsLs_*}aeh`u5-!Qes3O8aBj#ksoeS}wQT zKKWDRfA8|QBmwKa0`aBp1O zH9oNl{dTWl(EoP%|91LAV($<~kLPa5>x1x@*ng7}j3z{~B3Js0%1M6XacIQm{Qbc7 zLa6)jFsnY1#S`G_7uX193(MleJgZ=&YbKi?htoS0A)I#VPSjgZbQ-%l`*vgg4c5^dP}P+BaI?3nzSQ#RU+zw| z(EY(t`zQ+G$C<){*i-7+)8)(ae^!Ae6?8BwI$@3O0N5|@Xa2dX&J`@zaDjbb7!>MO zT1nXgm|Ba;9(7*@X%IqI@DLFAD@Z5dGR#6Txs8eITVjo{E>_w`mH|bhmnA-l5F_9G zDX)J%qyiG@5wcaU&DLL$S(^rQ4PMswkQgaK<)7Vly|aAny{ZY;v&}Mx(9XPEjL+!+ zqp9VILT&Bx(MOt^@hynPK_2ACt5Uo<4)cz&kzk})o77VztzyekDHE}qK1!J@%o;>K zw&6O>sy@Z*k0#R=+7Hu)8*Im=o9!YO!~c$H)W4)u_o15Ylw%hB@dWuzKWeOu2%w6% z)a(AeJ#YOA!zJe$M^_8w}w|5mDyHqhFE$DYfqbS2np83vT;>$+2IUJ|PI?UvmA+$Z#TO)>>}j}X$v`A}_>L{WB~DWwdz{4THeW?Zkufs7bOg7a;0YDvf3o=CgHhsjzxyLr{3IXhFhss z`(mmk9azTk^LAqMa}mM@NlUc>Sz$qJROY!4n2=M>rd=o%d$V3DXFX2_I{#Zq0oucg z$Nz;|mH!8|DvfB++M1lH$v^tnE054Y0T)CZ^|riM?l|dM#YYknfpr9SPE{)isdk}} z@T){$kZzzP#RWg%Oen&XB?M-9RAd_)vLXpJml_JXUgrsv+BL;(@AZ)l&Jf(kJZ zy2?a_bi7K~22bz7J@BftHp+t}+XO|A4vCc9Isdbb29&s<8Lq1N_8t(#*k=IF^}Gkq>W%jLYC$C^>0b+(S(^9~o0I2T{bzcqR!e3Sv}E7ZJPUM zN){`}Dvoh2SfUftP2CRKc71K_!~uO@ti)=I-xvf&xeph+r7|zOxrARk$^^Ez4Oo=xjS%B!sysrX>LFXP zjcdhT+Pmwsb}#ma`*LyzQsfw|uUml}9bvQp}@;@{$n#uAY#lxn-&@bzL4z@O7~G@rx7!EyC~K z>i1r@%2QxLRVAYvs}sb!e`> z%PH#FL*14BOZ;yK9$tU=6EA4UP6U0>%8m8lplQt?F+0H*7E(JM-v61H_~RQ9ewR){ zfxa*0$JrjgqHmEtI2lo>h4XGy!{v9#yL{QS=l3uOS$Tt&knci!Lf%~0wq9q)R9Wnb ze3Sr142rUr+8A;ZLh#c89I3Y2tO&R9G2u*-$I%e|Y-if)oF?JU+`{(&GA3A?S;s#+ zuKbHf`)?3EEIwwdC7wc`7oMd{TF6gknCagHF=qaXy*OK|xA6OSO9L5mZo|EA2e0(J z&ak6hG5l{{DrMyHD_eE54cOZu)$9X_y;tS;(Rr1iWsgy&m-xU*^)vCxKkxpg3y;}ISL=9o9&5c9_50vYAi9{lsZ6v#^pbq;;c!k{3aBkRk z+mnhC-!+)06`!$g^KY~vUYq5tFek6k1ac)*^Fy=>%$YIwJdx{MP7(fuMaH0mFXj*0 z*cf@iZQ`%&2tv4yo?<=S#2;rne==^L$qYSr8_;C$JfS|eVBzDU2AzM8Qhm^HxF8#)Wo>Sp z0|9T?26s7bqSVh0 zM$1cV=9#GWU0`Y+;WFgy7GRPrX@Be~pOl9=*Z*xKG87|Mp`oXT(FVdf3Fo)Kx6)7` zf-%^mc===rJbB#$BprN!*@Y^F7Y8Gpij=S8JqGoOPtIg%J_FNw5}#6^F9oI7A_n`Y zaXzv#c#=JoP%A1EOA9sk-(miUHfZ+zKyl<+%3y~a4`hBpp)B&swRB@Z8l#y5gD}f# zE?B_Q)rraG`GNeNpc*2^ABrA-kQR0A+rEJ4d2qRpQo5;9>-@3yWKtrluV<9J0KX~i zm1pHb*A2t8EvL-y))m;4EWeypTiI^S65w&XzDEG_!>iP5a4R^G5b9a4m9S50&h<^t zj~5{zWZ;Mi(5xGTPcC!X#sXGvG(jb!|`CopU%sbpiG({o@~HC;t_ zpmxS2#9v>uu#RUD98V|43^OA1MsCE)-k%*a_nC|q3#f9?ih1M?81~&4ZK=VHoVYl9 znrirIoAnDb5ndNXMV$tP&6zr*tFyoQrB_5d6c&w2dNZT-QY`nuUq;J8D!Zz+ak{)1 zE4Wh9ZNaaBoWvoi5eXl3Gjm9AEa`x>r6JCzj!mElZEbo{gNVK2LR$HQu&Bph1rF1` z;m;*CR=r7nF}!TqHs)jP*?Hx_NTD0?W?;DF_y?J{B|7?2bc@s1rbzeh6Vi2>wpi1_ z<1>8-W|TYjx%+VdKD)B8*!lJz#>o2csNHyivAUtYJRr^}dO2n@oH3r4dYFLk*LMgO ze2_RAWUIZmGP0L#(vdh-pM-u_Za!B>ynEjXlk_oeTmo467ixC^hqGa7N3o2Lf~Eif zZW}2vVHFOy?E`NS-Ob;n*lNs|V7Yi_-6{eSzgA*kx8?}C2CndZf+-mCWmY_5nG>=}jze-Tg$V0W7q zt1e_SJjQ=biak!cva4!h9>s2k;4`<$oSx7(oPn^ z3K4fT@Ok7xlS7)I&^f#(`U>6)5}j~f-w60mdyRO`$+wW6I21z~Q@v>R)NQQSHn|Zi z(I&l<+I}8Ql8f-KNf;&e1X48bh6i@Ja{UCFLl2N>j!-j>J|W& zBPAmBNm23efKP%#2%7hQIO2}M_g3WQMNdtI_f~P)EFj?km1bMy7D!cbk5BH>OH=eY zWQ&KuVqcM|h*Qgj@24(HKPYq+WdVCfTQk+tMoYVCc9g)9W_A3Ea5rr-B+Nq}C3kU7 z(9E{)k05yw=G*!!pW5Q+l!~J0dYePrF-#u|8Vf=T;=RxEp ztDBC=m+OkS>i|`X2CSOg3_`X9KNxLM;>B)5wkuFg5CdNtRt)gZk!2jy&X<$%y6mGX z&=qb{M$sZi7qEY9r16=w;`c5Lj+8%x*lT2N|1U{aTfvgC$HKp=%dx%z!g6)N!uO+3 zVB1m<&LVdmkl@j+kAUNc=YbTmnU_iyUW)%+&7x!=s{4#6QqTEyF zuNpPqQe-bOm~3$0F_L*_^gghr4TvPWq1tPBEKG-8K_5 zwtMd{bpnjaPqGNos(qC^aaak3%Fa|b5V0G5l^=O3%Th8=?ed7J^5v%Ul@8fRb#$=z zQ<;gI>Py?p$UNErA-6!Z_-CWct-DM9=BJn9Jnzw#tF5Y!0oz0+kM7$4#1sxlOrZz7 z5#N{ITZ!b!cF7d!i#Cs)pqh^UbaBK0y4S78KCFcckwY>LzGQYcZDVDrvYY-}+Tb@= zH_Urn|7t@>TsOQ86&na>D8J;_*Ec5W{MFU<_EpK8AlN5U%WYw6=a=q|cQVO@zM*(1 zw?xz%`BxU6E*-}iTTp`H^9b-<{xt2B`2Ksa=${MnK5<$_&UL3p6TLvmw}~Cm$)ej_SVHoOKok#bzh6yK=R29=bFF0W#HXf3v!o#kb~_h*JF_2pBTs&v#OuAv`}x&T zeZ;9c)7I{@pQa*Rz*E@&Bdj`Zw&i!o;1fb=DwnQ5r?84Ko{4gO(Q=!9^V;#WC)whbe z9!PVJ+FDo+x*N5I8l9im;XrnnD{g&%w6ks6u-i6-Hh4j=o_g~N35a1;LgT}fhB09R zCLw|pmfbGLWGYB|#ahuEegF8@t}6B(G)#4}ro5|dej|!T6_*KTS6NBh*y3xEOfS$f zj5z!Q%H5VY*SJEDWlitPj#fw-qcwT8DwboNtf$;<$KsN8_-v?zjcxC$H-^V%1Zq=k zC^arw$!Ow}C21HNkYW*vQ)&hnaLhx7jS= z=Z}QUp!FL*c^XC4lf-bI!1iH{Vv|zRbD}^7%%OBG(65VmBsR1L9-ZFD^s* z&(B)2P#n8BW`Dic>bB;iacUfN8Ar9K1I=FhTSj|kV3JHI=q4aZ4y-#TG`4HGb(CE9_zQdDImw-)^e~43Bd0?{Zj*@RHyX2(fVN#ha z6a?>ZJ}edzPMd?jtM}Q=eZ{*G0PH#){r7n74BdXiI-z5)j|S+-v90guX&8Cr+t`<6 zud&fF_4$fdD8yW%*7SQOLI28C8Qv_T*6^y8b@SWw_}lW(eB6fB;yBgJ|E0=mfT{#d z8;0+7wGHKU(hMH6Y7ASki{^9_&ARnB6ii`+HFuAkT8A#`c}2k6>CdK-fms4#-+D|C z;lhJ`jZW+{dFOPz)icX1=Sg#ZPG~qy6=6xhd;YJ31z!P6kl1Fhf|5E{g1H=orLO`H zMEo1VDp~W@rYJ-#v?l*r+dI3(P4{I!_k1){x@6?~duz$#a{7F=QULa=}NKJtR=8Qa^y;+yzMK*IW!rOh?cksA+8Cut1 z7|N^1Suu#}6*(;~LzD%oO?Tyg&GbAUL<*5nK1wA$nz81*F$TQfkZVbncZ~!lRigsK zC5Y8Ncwn-b09Kl(D|0qW+b9|}AScK$HJQ(UD?Ge8Ll)dgDl1ROW#3yYn~U0c@6OEA zVF-yfjl?5~gzrr7gLt=a12|Z?$B*Mg-%$$%W&vOI$B4@nx#f>7&*mki(2KZ7GYt6i zd%sRaAg%zkb7)J;fJ@Oz%w;G%Jk;q3vf~IoTtyu?7h!(zMAFa@2cmXd;(HkTp%H|J zj*dAuSPo}Sr{;7_^$F7QjvBB?<8;P97`ml_sL}Y1 zC))~3x8ta~+!3A7_L$%8R}nkm8IWYrIJCKGLm+M1iT#)Lw3+2d^26=e3x}0Wc*A!d zC(3p^NXQp8ov>E6xviXfH|~JSmYG-R5UN5{Y>epMrK`eKxin$9Knj6S?}8Weng-Ic zbj6Exx7U7_bN`>a4)>VteE0jjun<>11F&|N7iebj^BOZaI(@Kk0xg!N{!@C|mg1OU zWthgIhx=W0^swED8lnTJnY?bcwP(YJ?iy>MCC)BS?axwkd~x2Th7z$$J+rv8H1XbH z_0cxs6GOr06;+4s$N|s|^m3X$J`7MrCna%_Q7#-#Qf&llOSbeQo|h2o=j0|PPNFq$ zvTZ2e>#`#%Zmn;M4&{)b+9~IaDTeGJqaC#?_C9Cryg&MO4iyebNE(jAU9ET|)fszu z4&3yg{4kUM@}z^9`H|(+_I7;r4Fl_SlD+Osv`3m6I9tjrWLy>g($WV`iKkun~ZDOBzIM+K_ zNdzga6Cmu2=qo$Z;LUsusZT-rslz$g z`sxo9A^h6-0Q(#Be^p56s#gk&wIu^`_<;N%KvN?C?(k}eMMhuEnpGXKCJow0b=cRL zG@OVN1q#f5R})3h*2}zS47q$R&>e={9^^{1el1`*o@RA(DbgMiXf2wO{l*QGQ`ZRG zSUu_xDjCc|Co`I+PZ&Ak`9>rGngs1CS^`3tSOJ0?MpVH*60+r~(AP~W43ZHB>HWNh zHX;*|_>F>WX5aC0cp*yXwwar*?CGWoOV4=TX{W;`$l-9t13<9l(-=Iw4bnPq4UGB_ z*UcEzeyD#F^%GKHBfN>K(Dw85r(9-uD;Z`}aEx_YsE>3cKh!oQ?nv*}Pn4RV+vvIu zQ#u9-URN#f_4wn=*vFvF`K)U>DVH4jjsh0eFd_rj-BUTMeg^r^LF66XF-f#6G2}6MhHqJZa{0m3Qi?~+(0`HLhCp{^7`wP!=Q{XQ_nrI0Ar2QQ<||k? zmy^2-X;L4c@t{Aw8!KNp;Y{%~$GIqZqV_CwYcp$tH_8IpqXI{9FdYb2grTb z@x1C96!V=LhS!@~5{|I5AR>MjAITafoz5OBNrq%U|Oz;qv{ zV@YJZ9gpoKdCT0*&^B0T2t`PM<_j4kS%QWv&VFCw)kWq`dHeBk*gz3}&+}PaL*gpc zhXC9bjxg=}$9gu!tLmUU+aNLzoaPI9+B+M>#uCWJJLHGuEHtD|a^%z~#2epaR~?{S z$0;Qkyuxd|(DdxHM<8zhy)=6XAK3Od+#QD{IO&U}qhg+sdsVGh3a7>vT2;C(ci$oP zlh|W0T#9qklWUEtOmu=si(s}Y(qAu}O1Go6V!=6WAQ7Q31MCQZeMGIX!{N12aK%dz%!QDo@v_44?&Qph#3iE3HG5*GUB^F@ibSg486nq z95PW4>Ry!&;Pe=ObH=OcXuZRBA=yaspDTNNHIN-4-fgtsdbclZ$bnDd+^MhEYW=CF zWSFdR5!Tf8f`BUMAGcg5BSO44C|~)Cc|dfgd%D7ENAQcFind69#voyQr*y{1p~!UW zkA7f_{RQjBu7}w@t`;pu(vd+P{x=c0tSuOt_v5ei%S{{@IC?DG_eG^l|0RtK2fNm{ z(yidUV*FW$HM`Rnc3W+|_NrFDQn0wcc^O#L;=c@d3&?ALCcF-z3i&`8gh-SYvQ0oz z8b=@IUw@+O2AkMy=Uue-|_*b|QxT&GeaB+^r$y=YzT6 zYp@kfj=Qp(0~BZh-m7ai2OlF_lqlpLzr)oTB4#6O?{;E%Usgkc3+)|~>t{6G6fJ0A z!AO|)UuB_VzgE`huX%>@>KE12;ub*jU0SPfaJ?>X%D8 zvm}+9s!F^urm_N2>t)c-!5-LUf)-zoOq>3Rc-`s?urS*Yt1GA2(%`_6E$53&rD9vyz3-ZZW$wwi8#>~!dKqNWt# zq-Z#)B^TBl33Vf`nKmw6ch`ffMGjC>lKWy+LQ6Tky5-$2jMsQ#HM0?gR>C;@juU{# zDdQ;M4w|+O3JAf^9A8`2?!4E~$FLb^wTTSIlW_~JtwL6`cJy?O5Poctq!Pd?LHQ!J zq=QirH2yK__)dWZW~9U1)mtv~3>k@jq7Q8LW*p7N7QWhyeB=iZ9Ls-m=?i#n^ZK^w ze!#VF3i%UXP{#k=N%+#Z@e1w{fdCsQLd*hzR;&+QuiYaD3Kw38%iLA)e@I&`i=C|) zkQJ#c|7U{zZgUcPj&sg`3kb$#bEq8_Yf0o47Gvs0Rwgmhb`SqM!|Kapm>5|9aA9J@*9WJyDt#&YpFMJuy!@#0vMD}@#e&M3Ap0l$F?!IT z+(_DAR#S`Z%AZHQ%#F`!{u9D6bffW&%69B+Qdi=#MsW4`{lQxb;mb-2PF0519t$1J ztoxJmPoEtWV>TF?pBm1AuEP}1Rd2gD`mVMC;XHxjaHcrIN$2j%Uy?m^V z=Q-yoICvTSZkoEO9rD1p`}*URkQ<0Go#_8GPfL?^C`-<5FM@8ZH1Jy_dnPpVuMC7s zPAAMV;z4bF*dLvAANu3?sOUlZJo#u$W3UQ&r4~YmiBE(IiQ$qxJ5UF1V_wOq4a1iK z99idc_zZh1O`Gmyqk8=5019(LYIh?vCe1fEEgs19GU)HDEjK<`47xpU`=G*#D|_{4 z(v2NXlc(+a5yI97KNmIzCfl|5y9sMTAe}^ey3qHR z;SsJioWH6CMTZwnt1?C$V++LCFUhKc!64rWACUQ6eGnIOGDq3Xi@*|WV1D5aqaPi~#Cdn2-JjotddwEi_72s-uXVy39x=$7@oPjt znCffw-REy)+Yd?)6t_LkfelZ?B0ZWw&@jXwl9TV!Eg5ctk#;O8@t(Z`w4s|%xK{hv zc{R>83(TJYg`xW+AjDpheq(>n?8rBPEA~IjupHs?I8Nzznx<*migkR-AMBoiq~PXw zxJdoZp+_bI@2d?Shg30+1EJNcOSyJtGR zuV(UJePD*NCY*m7N|-YYJ9_Q*fgmHxt@v}ACL6Z?*n)u$EUsq?$u@zj>F??R+PKy0x- zff9QSKAKu-R#Nn%rK|#|M&k?7-Ux#2bG6;U4n0jg6uTiwy*qUz3m|!C7~(>G>h8zK zqXriTh*iIoc2o?pn~E6AoIA>b8(kyo(3}r4A%EunVyxUs8J0M8B_W0=5EFW3 zm)`B)r2O~>m50Db|H0F&DE=NbWU?voERx(OZGr^?wUVilJ4wn}1|SY<0?gWgXx|lR zgcXKC?`kAXvvQixk_t~_8J-4OFHB;7n26oAI zT8iw)evl=6VqCpgFW}4An$^%YHRvfv5+tGE!Cz-6Im4jHL)Bzgz#HB;5>wMOM3_yQw2pA|4OC8h;xdyBU^`Xlh(!xg&Wi?mLqcGp{uN z;U-AGa@0HJzIAR{Y3mcO-5XZoY@|o-eKc_4Jyl_ucYRC#RbWN4MFD{p0}ApR5vTab zB2<^Zxev1wBog*~^`+aX#`5np92F;<^&^FD@wrr{|C^AJjJ?+&?Zmqnc z+!}Yk8^X~g(kz>sn4uR*j}}GSn2@d%ie=P=Jco;dj1kTZ3Qrdvo348&*xvXr;QKNx z%3YopI6d{Ww{aCbIX_0exH!vMuI)_TuYS5gsSIdrlJP!`4QibaDWqu~U2Bm28edl* zI|yI3!{Ba}ttvYs-#Sq?fN?br$^v3|jKQh~a}gj1Ciyn3B&1bCz3A>&)=GX3&DXdy z9ui?kV(F_Hn)T#dWA48aH^(KQpa9DvLI3xCH`Cpp`|5;?<;?#>JYp|)rqkc zt5bBe_5|tyu+ge4(~c#i34+Jnb<@-RXPj>s#sl^N<8DTs;dThuhM98y@H?+7OYQR1 z0YI~Y$XR!X@M9NiJZ(pG z({$#rOYaim))&uv*5NLt40i~e9kb;OC0^vgos9GHDl~G$x8y`$RE${f#3v>IHvRV* zusx^c2lfGnI+j^+7NEIv8HyzQf1#@dnH;=q(7OMVJ=7`E57n0F%Rcy*GA|v(E1V5( z6%g9(HQAm470^y2_QoX;Sh027Q#CzKWlX^}0Bx6bGPiVo!MWJplX-0sq6%j8JZRz5 z|Bibd9JDo0TW$b_e2#{%4El9khSX(K4ToXeN}M&LF_$OJugAPqZQa=ZmduI5tg->v z#BRd3qfpKG8+K{<-yEw`lVOs0oiOQ@q_dNeuccDnCI<`Cve0U)%1yC)6Y`b`Kl_*) z74>IV`Q}p0^PZBHNFSFWuhTBp9XfeG#osz%dypBOkl60{G!j^lCY*Zg>X$=4TZg)h z^c^bn?Y(rM&)dJXE}OE%bL?H>8iGm6s84^dO|BKmu5Vq9vAwJpWpvd%j~6&UFD@hf zOL%W!|1u(r=7_>rIy!Wh4u3vYo^EbTmnZotzKYYX10zEWN{fR9=)baqknNUnV%R^k;`Ne9fwC{HsWGwN{UHa4XeFm&K$4okD~JCo0OcM6&a{f zA1otZpD>t2C%&Q-yN#+t!qU}>aYZ{lFwCLx?SdW0xY!;PI%+_bsJJxGZ8ErB zXsubv5CXac7+ju1p#}|ZUAA_)K^n0$3vnKZsmjsT-j=+6 zc&v16h(4t+;Z7!pW?WhYcB+dwA48ibT^0;DBm%dU4~6&GdKWnk*_3{9OS`QZ$%uW_ zUKs;B4}B-gmyN8dFN0Kr^%&{a2zC&G{Hs5-$hU%>&8Ny+qDEH1CSrgO1B#P?|AAqY zitzEqyr&I#{Mqwkl}oCXZ{wjNEZ4ou1V^PVP=16#KMP>f(KFP%&l>J89SC88^kmMG zIO)U>+-B(R>>oFP6sCxi4Ohd*U##wB5O4-t_w=o}^yx$lG}8D2Y}_bWiAB33`Q017 z=TWQ*7n$1j*`pXD)F&&UgEb4%H92PVH`LMtU2KDgg>l&r_}G_4nVW%_ylBc9r`l;s|osi&pMwz8sF z7u-N&KJ?;8XLfI$*z2ZRzkKP)FsK5t<9N}|B_6@r712f>R#w{iEELOxEzY`Ct8M=2 z6aK{=vy&r*n*Qc!f?Tzm^-gw;_#!b;%X-T=;(h$aO!uYK5<`;?l3;tFge1gR#Xstj zJwGBeOm%ao{&Ur2?fim6N2;C?uAMBKh_F5&m|Ax2L{3cG>w9%4ln4k2Y_(XW%(=mC z-A|2N+Oa11)37}lsO_yj;BB@y^sD)yTaDMFcICAlz%|XDnxR<5I6a%$lm5UGGhS7~R+zZs5~e4Gu)hx+(EMQc?Hj~B2x+~??sA1gQZlka6v z7h1ime*LKb!|HB}-qqx1s!KD%Dzy=OXVmRX3DgBJ=bS8j)=|TkPRRa_0wzsgBZKpY z+UsU{O<4%w+d?=S8`GPJo*~0}MzjD&+xez%g0J!194bj%H)y8~_gwxLo3&U!Obh;R zz5=$DY_oZ;`K;qR{=d4eIxMQK>k~sG3{n!(g5&@O(gR3|v=Y*-7X$%esG$*%9*~f3 zL;)F)E~PeVY@` z6saMA@1->bHLw&X6a>=c_4j2^^gYF|*|(d{`7~-3Z0)s}lJluZqXzHuToqMgNf4c* z^sLJOiBB26vqucc>AR}Rp%ZC*9*%wz=cPmnFn1AHgsXF~p_tX#rv5Qw;Z4;x+Oa3* zG53Y#)Y*tjGNb)rehzV4zQ}eeIh5FDvf_s7zIFwp4>C^Q#CcAR#MObp+|)`xh3-dTXCN zCKO>6ReMI$<6>Qrv`ngoEA%ET#VB(407f9cTVyPAv?6!7H_zQT$3ppx=O?_VP+iRW z%ja$ZVM7yNDdI9KjoMqAtCe4E;37K0D+>QR}J8yZeIjZ_K^ zzMDN?oo(JBwmn7ZRujXPB%OVqY&TteZ(3q($C4&1tygezWZ{+X) zW5%v4L0QEd5dszDt}GNsz9>xsI&Ci4*r3+GsO7S0X zo+qJW9w_z;u_k^Yy%&efufHN$KyRb=d4*2lp&JNqr)MlFC52+1uTfbor$#gUHmunU z3DMb8_K4p39`S~v4^89}B~bjiKC+x7ErXom`svs=+|vxI-J#acC&HllNWeLh8DULE zj#lK00byZ`YR%cpaQ}gIV-peH^2EBbWJG%P;>c4zhC5KV2T9ysj>L&q6Pg4bJUI6D zrkYaQ)+lyd;0zso(~_q5waL`zkD#5{!bS&j26I_!V?0X>h={;*>`Xso>fFt8z4ePV zua)?_W%2aszJfzNvrs4!5Wv-_>irF)`___NSY`^JNw~|`%kn&arBJ=c-#m*5bwpP> zz*T`p$qbBHy*emXGG4a(5Jdsbwq7qgBHQdxREfQ7$59FQ!nuMFg%#GoC|(|yj{I?t zrrmhBr!)`XGQiu`Sg6=~)c(fxJM+81$2SpCdox~RjkEWKYo&Q~79gI8`KV$yT7pPu zTbUX!*MiXCmz~GfUyztfI^)1D1rwy24Cfi}mtUY7y_Q{aC+TC2mqN~d56v!=;m;lL zTXer3dYk}-u=PB(_uG1Gl|*i!GS>&*_Un>J61WZug-+9`ksPN8*hNcY`gDE|AkGl< zV8kqUnfi@hS2UbV{Jk~P*7}E?<4c~Cb}4q2Rd0U%Er5l9TK??W=u4r=l$#|79KW_0 zRD20_=ViV|D0B>{1>{w1b=x@BLavlP!ueo{L9P# zZh=R@<$oEk6bTIZOYQ%@Qm6n2$2=eXBL%zv>i3riC;=F}lZdDDsu1AfzYd~@k5422 zW|&+crGCzsCgvdZglkZaYsu21=V_Kr+U0|G(JydVrz!&Qtb}1^{6`it4JDo2q$QRok>A zToZ7P)0GU^cF(RlKN~t{_1MJhEF6BVZ5gj|p84bH)2D~I)bJkXhP5Ky?DlZ#sYqJB zX%A`GHf#NPw>+-0c|{h@bUXkl*2+Xu2VmN_+tDKh5-mG1hexgFvad}N-GeEh$znESLqlMqd>|ssqWRYgNN^GYRgFo6A z#ll^s$|f3Q!OYCONnwErZl0&Fc+cX}G~$2qC0lAzK1g{q|2Hc+B1!KT_}kqI!0lx> zdXx3jXx>xC_PHwMcwbqullI(($YRP0{BrQ>O*WSRl1D#ZV#V?#Ka>LlNpch*sJbG z;%H!**c$83mkCXnrCz@5Y7^)BPB^by;YmI_wuCk-pPX@lTFcY?^!vp34f7+ZM(p9# z)?#m>*mB7fKsay!C^9}w2%UX?=HR=W=3qL)Phx&hYABfp2WkUxkE_!gd!1vCOrAb1 zJ2*OuOA`JHVL$Fs-5iugSGx~Nb~CfEY?+~bQZBBst+ao8`X?_m!KrFksXKQbpYKA> z=a;X^V?I*zQdW9xOsFUF8tdvN(9_XH`+1^gpUR)jQQulgeQ%J3Az9J%qj?bgK*jQV z^%G|(ZlV=8E(dgM$dfx5)8{5U=gac?WPUQ5(y$P4I)wu2-+A1&>7vYkW|h}DSeRnI z-r{@iy@E+csrxtWWumLK{dW^*uWdufiu)n0(^RZ?e)JS;h}7GTd7raa^Ojar)DlrJ zd`sfjKhu^Le@S^~qvNKis3lNu`9l~5BQqI)5w~h=o%+P)WK|41LO-19Dspz#+%UGU z@1CmD&ZFfI4nu4XGu3{_Zi4*$b5<8S~VY~YQ&lU3X8qqDM zn@f;@dNe=$B8^T&qZTT(U&c$4T@6Hz%t+KZ?#Q`qIWw+SXmfk}c3;186oYr%Gm%Pq zdV22N0Sg91NAZ$_zJ6k2`qI*p*4G;$Mz(W?ExYu5AwWge$2+PPQRCQ`Dm1)ECwbXt@p~bPK55@g#xtRfN z%yiYDlw*Mmk3XP3F41Spj3VzoXUn4o<a$r=oCQp_AT{ z`~$T2h6B$>Hvo_&5leua4^lOHR}&+4FKbHiSIZ`LR|H@;ZoACN9NkAKyaNhfnynb* zqk&q7uv0|7iS}qtFEu76{x<;M)aVx=TpE*aR3r^wk%QZG%zqQC>$j}&rhLVbAx#L!-Tms zIU)A9bqe~dV#&2HxWW)!sp>cdTx%^w&?&K;1(~n*v^$d>)Tnzx*-T?l_Grnsx2}cc zwd38l7RPM?XAA6IL=J=PGD9IyA}iLsvok-#aOjGMkn{y~Ufp8V7iRJe;*Fsb5f&Cc z+^iasa%4ovP(ttRF3g3qdlIZP?G3UVyh9?z-@bX{%I<%pDKqFL|6KB?cI}L3x-Qu; z;zjgrKBbSLVw2wH-GO#Dhx{h{&6k5iPga<=C1%(jhqXV1J)#~li&jMN0KQYPOmap! zWA!p8Qx}HyIfQ#h`ErlO=cr@g3Z8E1f>yvj7KjlCE}6$odLyl*~@ z=O33MR3MTgE#}dajykiqFXOo|kYEDi;I_M~hL85#bCW9%QfIN-u*SOdF;(2!@k%x< zYMAHA>g%pbZ0q@H>!}69AuOj}Md;)e%a*C%PUoPV)VKC}9nD$@v9Em(dEurqhg(&| zW~YFoqZV@E1&i}D28oS{3YaY^(akhBEdw>uk?I6z6I}9bI&qwszYIq!a3%S72e~~a z#)Xyol`NJ>;g93C#HR%mcwwTn3mT##R3X{obtNubds?}Sj@G6zaqvx>L9^(C1vIqa z(#8NajKU_G1LFGX`-EF$NAg8VGA#s}XFGRm!gOJ}vF@^(vFFk&L#bgTz=(##MpfWi zm?*tC%b^Sj)mt>boR%ORQXZ35q>!o6oJ?1gSl=cJYqYiCLq$@hrpxkuL_s%?e zC(98t6iGlIaj@9b88yzl%6zq-3S|3h2e=E@kBh*P=MEP#l7^8l8et>rVbPLiEnK&T z_|!ic$x!B;1yTF85#6#=P(KlEWaWQ;K&n zu@xY?yCTL(GZm=&-0nmQJ`P$NL@fE$Z= zV^M!9+PyVaKWiG2MI60zT$PP=q8y$r63g;ubN{$TI7{$MVAYTzQYzU>qApN-raWop z0vWas*nkX(v}lu!=tNQ@&fHPvr)LiS`jVk zA?$v!yoa>li`7i9}m~NWdY9l*NLQV0S5yn=GaxGV{8TT={9+Duz z_>|%|#H|jVMX(oQI0LUADy?!UJ?m%gO+tB7Cd+eoV~7$XIE{$v-DS{lu#h+Dw(hn> za6-&9;hqvqHi8jGMH`ghKAUpkRb|@Dwvf?=a^7cC$s$2baT?9lX>b&Ti+a1E#B!N- z*V`5(P<~bY)S>-gQ-K$4m`0S4Am|MIS!xEZEsxy?SFE^_`oZ2+R=SeD1u1caPrKsa zfQz{?7-Zzuo$B!Z`9@i7tW1CVi-1}e6x$}lRc&_=;#wl&AmgS>Z0bvNZvwz93jEs9 zT%dsO0{4;v*q6@`8X?U@12K-cdMR8~?W#9buz2H&j%PFA|F8x}O%A63USvEHEFE3H zt7o7)DBdYRQTf3MYOE%kn$V(+fG&&JnskXUF@86g`ArneCQed=CQak_G2 znN=wC#rr#(&ly(kkQ&aFr;%d&NKOY`yXX%0@r`sZacZrDZ)cNvM#dIP5+w8#s=pH? zc4bPr;*=UWtMXue5=Iw zjUZuWK9y|*IkCEkh=^zHec*3>H@kP%e_)rqf)65WW0z;%wyp(1dEEFRvZV!jMFa$N z%t4@Vd77J9$P)z5?7^%Usy7ric*?TQ+Ajt_d5+dQlF*r4Utd=#-^p6L`qR&=88vHx zP>r5PXM4%pP#*K0`(cMRY5{Ovi-OA7F&*jNinK15F=)cg!kDbUxMd9 zS|Z~+U^(uHFm9dosNX@~-AE{M-;qPFThJ}1J_HskH5?!(s(W(lfn@Wp&jJ~`7H2O( z08~Jp*{b+Xf&Uww{uWO%MFUYHrL*Zn&HoXTJ72`)u+z7P{}LYpa0eyk24dL|7Q=_M zzcBwFvmjZ3Ky`8kSK9oW=D$b&@gFa6??>0e@n0tMAF~8)s&M4jx}$1cEIez={{WIq z&^`{R_sswta22^K62dRK!3lJVrVX;~YjtH%Paz8`0kR`8#1 zZBK(fzIFN)wIpyuNBNlC_?dCBM(8d9&oq4gZv;a8~ltF6y z8wH#NJ;;gie^BQD{I{?SF{ZNKl{mCEC2ui literal 0 HcmV?d00001 From 5f6bc2a14499cd3dbb811f26159c7fe67e14e9f7 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:44:31 +0200 Subject: [PATCH 16/63] Add image --- docs/storage-class-configurations.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 89dff0075..0cda06666 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -115,7 +115,8 @@ All values in the secret data file must be in base64-encoded format. A single K8s worker node can be connected to multiple WEKA clusters (maximum 7 clusters) simultaneously. -

k8s worker nodes connected to multiple WEKA clusters

+ +k8s worker nodes connected to multiple WEKA clusters #### Procedure From bdc2c43c72095bbb0af6cdcc22ec2ecc7218f9ed Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:48:27 +0200 Subject: [PATCH 17/63] Update storage-class-configurations.md --- docs/storage-class-configurations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 0cda06666..326ee2720 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -115,7 +115,7 @@ All values in the secret data file must be in base64-encoded format. A single K8s worker node can be connected to multiple WEKA clusters (maximum 7 clusters) simultaneously. - + k8s worker nodes connected to multiple WEKA clusters #### Procedure From eb5fe6873d12189b26abfe5cc90a5b16e05ef841 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 16:53:37 +0200 Subject: [PATCH 18/63] Add files via upload --- migration/upgrade-legacy-pv.md | 93 ++++++++++++++++++++++++++++++++++ 1 file changed, 93 insertions(+) create mode 100644 migration/upgrade-legacy-pv.md diff --git a/migration/upgrade-legacy-pv.md b/migration/upgrade-legacy-pv.md new file mode 100644 index 000000000..05b708f2f --- /dev/null +++ b/migration/upgrade-legacy-pv.md @@ -0,0 +1,93 @@ +# Upgrade legacy persistent volumes for capacity enforcement + +## Bind legacy volumes to API + +Capacity enforcement and integration with the WEKA filesystem directory quotas require the following prerequisites: + +* WEKA CSI Plugin version **0.7.0** and up. +* WEKA software version **v3.13.0** and up. +* WEKA CSI Plugin can communicate with the WEKA filesystem using REST API and correlate between a specific persistent volume and the WEKA cluster serving this volume. + +In the [API-Based communication model](storage-class-configurations.md#api-based-communication-model), Kubernetes StorageClass refers to a secret that specifies all the required parameters for API calls to the WEKA cluster. However, this is different from the situation in the legacy communication model, where the storage class doesn't specify the API credentials. + +Kubernetes does not allow modifying the StorageClass parameters; hence every volume created with the legacy-model storage class never reports its credentials. + +WEKA CSI Plugin **0.7.0** provides a unique configuration mode in which legacy volumes can be bound to a single secret, referring to a single WEKA cluster API connection parameters. In this configuration mode, every request to serve, such as create, delete, and expand, a legacy Persistent Volume (or Persistent Volume Claim) that originates from a Legacy Storage Class (without reference to an API secret) communicates to that cluster. + +{% hint style="info" %} +Volumes provisioned by the CSI Plugin of version **0.7.0** in the API-Based communication model, but on older versions of the WEKA cluster (below version **3.13.0**), are still in legacy mode. However, because the storage class already contains the secret reference, specifying the `legacyVolumeSecretName` parameter is unnecessary, and you can safely skip to the next procedure [#migrate-legacy-volumes](upgrade-legacy-persistent-volumes-for-capacity-enforcement.md#migrate-legacy-volumes "mention"). +{% endhint %} + +To bind legacy volumes to a single secret, perform the following: + +1. Create a Kubernetes secret that describes the API communication parameters for legacy volumes. Adhere to the following: + * The format of the secret is identical to the secret defined in the [API-Based Communication Model](upgrade-legacy-persistent-volumes-for-capacity-enforcement.md#api-based-communication-model) section. + * This secret must be located in the same Kubernetes namespace of the WEKA CSI Plugin. +2. Set the `legacyVolumeSecretName` parameter to match the secret's name above during the plugin upgrade or installation. Do one of the following: + * You can modify the `values.yaml` directly. + * Create the Kubernetes secret and only then set the `legacyVolumeSecretName` parameter during the Helm upgrade as follows: + +``` +helm upgrade csi-wekafs --namespace csi-wekafs csi-wekafs/csi-wekafsplugin \ + --set legacyVolumeSecretName="csi-wekafs-api-secret" + +``` + +{% hint style="warning" %} +If you do not create the Kubernetes secret before executing the helm upgrade, the CSI Plugin components remain `Pending` after the upgrade. +{% endhint %} + +## Migrate legacy volumes + +Once you bind legacy volumes to a single secret procedure, you can migrate the volumes by binding a new WEKA filesystem directory quota object to an existing persistent volume. + +WEKA provides a migration script that automates the process. + +Run the migration procedure only once from any Linux server connected to the same WEKA cluster. Additional script runs migrate only those volumes created in legacy mode after migration. It is safe to run the migration script multiple times, although usually, this is not required. + +The migration process might take significant time and depends on the number of persistent volumes and their capacity. The migration process is transparent and does not require downtime. + +#### Before you begin + +The migration script requires several dependencies, which must be installed in advance: `jq`, `xattr`, `getfattr`, and `setfattr.` + +Refer to the specific OS package management documentation to install the necessary packages. + +#### Procedure + +1. Check the `csi-wekafs` repository from any server connected to the WEKA cluster: + +``` +git clone https://github.com/weka/csi-wekafs.git +``` + +2. Run the migration script using the following command line (for multiple filesystems, run the command line for each filesystem): + +``` +$ sudo migration/migrate-legacy-csi-volumes.sh [--csi-volumes-dir ] [--endpoint-address BACKEND_IP_ADDRESS:BACKEND_PORT] +``` + +Where: + +* ``: Specifies the filesystem name on which the CSI volumes are located. +* ``: Optional parameter. Specifies the directory in the filesystem where the CSI volumes are stored. Set this parameter only if the directory differs from default values. + +{% hint style="info" %} +On a stateless client, you must specify the `--endpoint-address` to successfully mount a filesystem. However, if the container is part of the WEKA cluster (either client or backend), this is not necessary. +{% endhint %} + +Example: + +``` +$ ./migrate-legacy-csi-volumes.sh default +Weka CSI Volume migration utility. Copyright 2021 Weka +[2021-11-04 14:33:04] NOTICE Initializing volume migration for filesystem default +[2021-11-04 14:33:04] NOTICE Successfully mounted filesystem default +[2021-11-04 14:33:04] NOTICE Starting Persistent Volume migration +[2021-11-04 14:33:04] INFO Processing directory 'pvc-e5379b17-4612-4fa3-aa57-64d5b37d7f57-1025f14ca92d2e18dd92a05efadf15a4972675f0' +[2021-11-04 14:33:04] INFO Creating quota of 1073741824 bytes for directory pvc-e5379b17-4612-4fa3-aa57-64d5b37d7f57-1025f14ca92d2e18dd92a05efadf15a4972675f0 +[2021-11-04 14:33:05] INFO Quota was successfully set for directory pvc-e5379b17-4612-4fa3-aa57-64d5b37d7f57-1025f14ca92d2e18dd92a05efadf15a4972675f0 +[2021-11-04 14:33:05] NOTICE Migration process complete! +[2021-11-04 14:33:05] NOTICE 1 directories migrated successfully +[2021-11-04 14:33:05] NOTICE 0 directories skipped +``` From 3f6f795244ad381b19eb4b9ab1e0b11c0bfbc14b Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 17:27:38 +0200 Subject: [PATCH 19/63] Update migrate-legacy-csi-volumes.sh Added link to the doc and reworded the intro --- migration/migrate-legacy-csi-volumes.sh | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/migration/migrate-legacy-csi-volumes.sh b/migration/migrate-legacy-csi-volumes.sh index 665056649..40b4e9656 100755 --- a/migration/migrate-legacy-csi-volumes.sh +++ b/migration/migrate-legacy-csi-volumes.sh @@ -13,14 +13,16 @@ FAILURES=0 usage() { cat <<-DELIM -The utility simplifies hard capacity enforcement on CSI volumes created prior to Weka CSI plugin 0.7.0 -This utility can be run from any host being a part of Weka cluster which the CSI volumes are located on. +The migration utility enables hard capacity enforcement on CSI volumes created before WEKA CSI plugin version 0.7.0. It can be run from any host within the WEKA cluster where the CSI volumes are located. The following OS packages or utilities are required: -- xattr (xattr package) -- getfattr (attr package) -- jq (jq package) -- Weka client software + +* xattr (from the xattr package) +* getfattr (from the attr package) +* jq (from the jq package) +* WEKA client software + +For more details, refer to [Upgrade legacy persistent volumes for capacity enforcement](upgrade-legacy-pv.md). Usage: $0 [--csi-volumes-dir ] [--endpoint-address IP_ADDRESS:PORT] $0 --help @@ -29,7 +31,7 @@ Optional parameters: -------------------- --debug Execute with debug level logging --csi-volumes-dir Assume CSI volumes are stored in different directory on the filesystem. Default is "csi-volumes" ---endpoint-address API_ADDRESS:PORT of a Weka backend server, should be used for stateless clients. +--endpoint-address API_ADDRESS:PORT of a WEKA backend server for stateless clients. DELIM } @@ -235,4 +237,4 @@ main() { } trap cleanup EXIT -main "$@" \ No newline at end of file +main "$@" From 2d5f4365242bb530ab079eb80d30861de00895fc Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 17:28:33 +0200 Subject: [PATCH 20/63] Update migrate-legacy-csi-volumes.sh Updated banner --- migration/migrate-legacy-csi-volumes.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/migration/migrate-legacy-csi-volumes.sh b/migration/migrate-legacy-csi-volumes.sh index 40b4e9656..f2bc994de 100755 --- a/migration/migrate-legacy-csi-volumes.sh +++ b/migration/migrate-legacy-csi-volumes.sh @@ -1,5 +1,5 @@ #!/bin/bash -BANNER="Weka CSI Volume migration utility. Copyright 2021 Weka" +BANNER="WEKA CSI Volume Migration Utility. Copyright 2024 WEKA" LOG_LEVEL=4 CSI_VOLUMES_DIR="csi-volumes" FILESYSTEM= From c44d6eddfbf5f358c95dedc40a2f30f0156a4aa5 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 18:37:56 +0200 Subject: [PATCH 21/63] Update upgrade-legacy-pv.md: fix links --- migration/upgrade-legacy-pv.md | 17 +++++++---------- 1 file changed, 7 insertions(+), 10 deletions(-) diff --git a/migration/upgrade-legacy-pv.md b/migration/upgrade-legacy-pv.md index 05b708f2f..3b2ea74a6 100644 --- a/migration/upgrade-legacy-pv.md +++ b/migration/upgrade-legacy-pv.md @@ -8,20 +8,19 @@ Capacity enforcement and integration with the WEKA filesystem directory quotas r * WEKA software version **v3.13.0** and up. * WEKA CSI Plugin can communicate with the WEKA filesystem using REST API and correlate between a specific persistent volume and the WEKA cluster serving this volume. -In the [API-Based communication model](storage-class-configurations.md#api-based-communication-model), Kubernetes StorageClass refers to a secret that specifies all the required parameters for API calls to the WEKA cluster. However, this is different from the situation in the legacy communication model, where the storage class doesn't specify the API credentials. +In the API-based communication model, Kubernetes StorageClass refers to a secret that specifies all the required parameters for API calls to the WEKA cluster. However, this is different from the situation in the legacy communication model, where the storage class doesn't specify the API credentials. For details, see [API-based communication model] (../docs/storage-class-configurations.md) Kubernetes does not allow modifying the StorageClass parameters; hence every volume created with the legacy-model storage class never reports its credentials. WEKA CSI Plugin **0.7.0** provides a unique configuration mode in which legacy volumes can be bound to a single secret, referring to a single WEKA cluster API connection parameters. In this configuration mode, every request to serve, such as create, delete, and expand, a legacy Persistent Volume (or Persistent Volume Claim) that originates from a Legacy Storage Class (without reference to an API secret) communicates to that cluster. -{% hint style="info" %} -Volumes provisioned by the CSI Plugin of version **0.7.0** in the API-Based communication model, but on older versions of the WEKA cluster (below version **3.13.0**), are still in legacy mode. However, because the storage class already contains the secret reference, specifying the `legacyVolumeSecretName` parameter is unnecessary, and you can safely skip to the next procedure [#migrate-legacy-volumes](upgrade-legacy-persistent-volumes-for-capacity-enforcement.md#migrate-legacy-volumes "mention"). -{% endhint %} +**Note**: +Volumes provisioned by the CSI Plugin of version **0.7.0** in the API-based communication model, but on older versions of the WEKA cluster (below version **3.13.0**), are still in legacy mode. However, because the storage class already contains the secret reference, specifying the `legacyVolumeSecretName` parameter is unnecessary, and you can safely skip to the **Migrate legacy volumes** procedure below. To bind legacy volumes to a single secret, perform the following: 1. Create a Kubernetes secret that describes the API communication parameters for legacy volumes. Adhere to the following: - * The format of the secret is identical to the secret defined in the [API-Based Communication Model](upgrade-legacy-persistent-volumes-for-capacity-enforcement.md#api-based-communication-model) section. + * The format of the secret is identical to the secret. * This secret must be located in the same Kubernetes namespace of the WEKA CSI Plugin. 2. Set the `legacyVolumeSecretName` parameter to match the secret's name above during the plugin upgrade or installation. Do one of the following: * You can modify the `values.yaml` directly. @@ -33,13 +32,12 @@ helm upgrade csi-wekafs --namespace csi-wekafs csi-wekafs/csi-wekafsplugin \ ``` -{% hint style="warning" %} +**Warning**: If you do not create the Kubernetes secret before executing the helm upgrade, the CSI Plugin components remain `Pending` after the upgrade. -{% endhint %} ## Migrate legacy volumes -Once you bind legacy volumes to a single secret procedure, you can migrate the volumes by binding a new WEKA filesystem directory quota object to an existing persistent volume. +Once you bind legacy volumes to a single secret procedure, you can migrate the volumes by binding a new WEKA filesystem directory quota object to an existing persistent volume. WEKA provides a migration script that automates the process. @@ -72,9 +70,8 @@ Where: * ``: Specifies the filesystem name on which the CSI volumes are located. * ``: Optional parameter. Specifies the directory in the filesystem where the CSI volumes are stored. Set this parameter only if the directory differs from default values. -{% hint style="info" %} +**Note**: On a stateless client, you must specify the `--endpoint-address` to successfully mount a filesystem. However, if the container is part of the WEKA cluster (either client or backend), this is not necessary. -{% endhint %} Example: From fb27131093d210facb26e3d9ba0cec89c17b8f9d Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 18:45:24 +0200 Subject: [PATCH 22/63] Update storage-class-configurations.md: fix links --- docs/storage-class-configurations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 326ee2720..81c89109d 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -109,7 +109,7 @@ csi-wekafs-api-secret Opaque 5 7m All values in the secret data file must be in base64-encoded format. -
KeyDescriptionComments
usernameThe user name for API access to the WEKA cluster.

To run the CSI Plugin in a non-default organization, OrgAdmin permission is required. In other cases, ClusterAdmin permission is required.

It is recommended that you create a separate user for the CSI Plugin. See user-management.

passwordThe user password for API access to the WEKA cluster.
organizationThe WEKA organization name for the user.
For a single organization, use Root.		You can use multiple secrets to access multiple organizations, which are specified in different storage classes.
schemeThe URL scheme that is used for communicating with the WEKA cluster API.http or https can be used. The user must ensure that the Weka cluster was configured to use the same connection scheme.
endpoints

Comma-separated list of endpoints consisting of IP address and port. For example,

172.31.15.113:14000,172.31.12.91:14000

For redundancy, specify the management IP addresses of at least 2 backend servers.
localContainerNameWEKA client container name for the client connected to the relevant WEKA cluster.
Only required when connecting a K8s worker node to multiple WEKA clusters.
For a single cluster, do not set this parameter.

All local container names relevant to a specific WEKA cluster must be the same across all k8s worker nodes.

For details, see Connect k8s worker nodes to multiple WEKA clusters

autoUpdateEndpointsSpecify whether the WEKA CSI Plugin performs automatic periodic updates of API endpoints (true or false).

In cloud-based clusters with automatic scaling and healing, the IP addresses of management containers can change over time. To prevent losing API connectivity, the plugin can automatically retrieve all management container IP addresses from the cluster at login.

If using an external load balancer, set this option to false.

nfsTargetIpsA comma-separated list of IP addresses to use when publishing volumes over NFS.Normally, the system automatically retrieves IP addresses from the interface group defined on the WEKA cluster, leaving this parameter empty. However, if no Virtual IP addresses are set on the interface group (for example, in cloud environments), manually provide the IP addresses in this parameter.
caCertificatecustom CA certificate used to generate the HTTPS certificate for the WEKA cluster. The certificate must be in PEM format and Base64-encoded. As of WEKA version 4.3.0, HTTPS communication is mandatory. To ensure a secure connection without bypassing certificate checks, it's recommended to provide the certificate file within a secret.
+
KeyDescriptionComments
usernameThe user name for API access to the WEKA cluster.

To run the CSI Plugin in a non-default organization, OrgAdmin permission is required. In other cases, ClusterAdmin permission is required.

It is recommended that you create a separate user for the CSI Plugin. See [User management] (https://docs.weka.io/operation-guide/user-management).

passwordThe user password for API access to the WEKA cluster.
organizationThe WEKA organization name for the user.
For a single organization, use Root.		You can use multiple secrets to access multiple organizations, which are specified in different storage classes.
schemeThe URL scheme that is used for communicating with the WEKA cluster API.http or https can be used. The user must ensure that the Weka cluster was configured to use the same connection scheme.
endpoints

Comma-separated list of endpoints consisting of IP address and port. For example,

172.31.15.113:14000,172.31.12.91:14000

For redundancy, specify the management IP addresses of at least 2 backend servers.
localContainerNameWEKA client container name for the client connected to the relevant WEKA cluster.
Only required when connecting a K8s worker node to multiple WEKA clusters.
For a single cluster, do not set this parameter.

All local container names relevant to a specific WEKA cluster must be the same across all k8s worker nodes.

For details, see Connect k8s worker nodes to multiple WEKA clusters

autoUpdateEndpointsSpecify whether the WEKA CSI Plugin performs automatic periodic updates of API endpoints (true or false).

In cloud-based clusters with automatic scaling and healing, the IP addresses of management containers can change over time. To prevent losing API connectivity, the plugin can automatically retrieve all management container IP addresses from the cluster at login.

If using an external load balancer, set this option to false.

nfsTargetIpsA comma-separated list of IP addresses to use when publishing volumes over NFS.Normally, the system automatically retrieves IP addresses from the interface group defined on the WEKA cluster, leaving this parameter empty. However, if no Virtual IP addresses are set on the interface group (for example, in cloud environments), manually provide the IP addresses in this parameter.
caCertificatecustom CA certificate used to generate the HTTPS certificate for the WEKA cluster. The certificate must be in PEM format and Base64-encoded. As of WEKA version 4.3.0, HTTPS communication is mandatory. To ensure a secure connection without bypassing certificate checks, it's recommended to provide the certificate file within a secret.
## Connect K8s worker nodes to multiple WEKA clusters From 205daec796fa17bf52a945cbbdd3ee886fa1377d Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 18:50:58 +0200 Subject: [PATCH 23/63] Update storage-class-configurations.md fix linx --- docs/storage-class-configurations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 81c89109d..0eb060a53 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -109,7 +109,7 @@ csi-wekafs-api-secret Opaque 5 7m All values in the secret data file must be in base64-encoded format. -
KeyDescriptionComments
usernameThe user name for API access to the WEKA cluster.

To run the CSI Plugin in a non-default organization, OrgAdmin permission is required. In other cases, ClusterAdmin permission is required.

It is recommended that you create a separate user for the CSI Plugin. See [User management] (https://docs.weka.io/operation-guide/user-management).

passwordThe user password for API access to the WEKA cluster.
organizationThe WEKA organization name for the user.
For a single organization, use Root.		You can use multiple secrets to access multiple organizations, which are specified in different storage classes.
schemeThe URL scheme that is used for communicating with the WEKA cluster API.http or https can be used. The user must ensure that the Weka cluster was configured to use the same connection scheme.
endpoints

Comma-separated list of endpoints consisting of IP address and port. For example,

172.31.15.113:14000,172.31.12.91:14000

For redundancy, specify the management IP addresses of at least 2 backend servers.
localContainerNameWEKA client container name for the client connected to the relevant WEKA cluster.
Only required when connecting a K8s worker node to multiple WEKA clusters.
For a single cluster, do not set this parameter.

All local container names relevant to a specific WEKA cluster must be the same across all k8s worker nodes.

For details, see Connect k8s worker nodes to multiple WEKA clusters

autoUpdateEndpointsSpecify whether the WEKA CSI Plugin performs automatic periodic updates of API endpoints (true or false).

In cloud-based clusters with automatic scaling and healing, the IP addresses of management containers can change over time. To prevent losing API connectivity, the plugin can automatically retrieve all management container IP addresses from the cluster at login.

If using an external load balancer, set this option to false.

nfsTargetIpsA comma-separated list of IP addresses to use when publishing volumes over NFS.Normally, the system automatically retrieves IP addresses from the interface group defined on the WEKA cluster, leaving this parameter empty. However, if no Virtual IP addresses are set on the interface group (for example, in cloud environments), manually provide the IP addresses in this parameter.
caCertificatecustom CA certificate used to generate the HTTPS certificate for the WEKA cluster. The certificate must be in PEM format and Base64-encoded. As of WEKA version 4.3.0, HTTPS communication is mandatory. To ensure a secure connection without bypassing certificate checks, it's recommended to provide the certificate file within a secret.
+
KeyDescriptionComments
usernameThe user name for API access to the WEKA cluster.

To run the CSI Plugin in a non-default organization, OrgAdmin permission is required. In other cases, ClusterAdmin permission is required.

It is recommended that you create a separate user for the CSI Plugin. See [User management] (https://docs.weka.io/operation-guide/user-management/).

passwordThe user password for API access to the WEKA cluster.
organizationThe WEKA organization name for the user.
For a single organization, use Root.		You can use multiple secrets to access multiple organizations, which are specified in different storage classes.
schemeThe URL scheme that is used for communicating with the WEKA cluster API.http or https can be used. The user must ensure that the Weka cluster was configured to use the same connection scheme.
endpoints

Comma-separated list of endpoints consisting of IP address and port. For example,

172.31.15.113:14000,172.31.12.91:14000

For redundancy, specify the management IP addresses of at least 2 backend servers.
localContainerNameWEKA client container name for the client connected to the relevant WEKA cluster.
Only required when connecting a K8s worker node to multiple WEKA clusters.
For a single cluster, do not set this parameter.

All local container names relevant to a specific WEKA cluster must be the same across all k8s worker nodes.

For details, see Connect k8s worker nodes to multiple WEKA clusters

autoUpdateEndpointsSpecify whether the WEKA CSI Plugin performs automatic periodic updates of API endpoints (true or false).

In cloud-based clusters with automatic scaling and healing, the IP addresses of management containers can change over time. To prevent losing API connectivity, the plugin can automatically retrieve all management container IP addresses from the cluster at login.

If using an external load balancer, set this option to false.

nfsTargetIpsA comma-separated list of IP addresses to use when publishing volumes over NFS.Normally, the system automatically retrieves IP addresses from the interface group defined on the WEKA cluster, leaving this parameter empty. However, if no Virtual IP addresses are set on the interface group (for example, in cloud environments), manually provide the IP addresses in this parameter.
caCertificatecustom CA certificate used to generate the HTTPS certificate for the WEKA cluster. The certificate must be in PEM format and Base64-encoded. As of WEKA version 4.3.0, HTTPS communication is mandatory. To ensure a secure connection without bypassing certificate checks, it's recommended to provide the certificate file within a secret.
## Connect K8s worker nodes to multiple WEKA clusters From b0c8165d0daaba0c21cb2977a12508d5dcb3132c Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 19 Nov 2024 18:53:03 +0200 Subject: [PATCH 24/63] Update storage-class-configurations.md --- docs/storage-class-configurations.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 0eb060a53..a5bf466bd 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -109,7 +109,7 @@ csi-wekafs-api-secret Opaque 5 7m All values in the secret data file must be in base64-encoded format. -
KeyDescriptionComments
usernameThe user name for API access to the WEKA cluster.

To run the CSI Plugin in a non-default organization, OrgAdmin permission is required. In other cases, ClusterAdmin permission is required.

It is recommended that you create a separate user for the CSI Plugin. See [User management] (https://docs.weka.io/operation-guide/user-management/).

passwordThe user password for API access to the WEKA cluster.
organizationThe WEKA organization name for the user.
For a single organization, use Root.		You can use multiple secrets to access multiple organizations, which are specified in different storage classes.
schemeThe URL scheme that is used for communicating with the WEKA cluster API.http or https can be used. The user must ensure that the Weka cluster was configured to use the same connection scheme.
endpoints

Comma-separated list of endpoints consisting of IP address and port. For example,

172.31.15.113:14000,172.31.12.91:14000

For redundancy, specify the management IP addresses of at least 2 backend servers.
localContainerNameWEKA client container name for the client connected to the relevant WEKA cluster.
Only required when connecting a K8s worker node to multiple WEKA clusters.
For a single cluster, do not set this parameter.

All local container names relevant to a specific WEKA cluster must be the same across all k8s worker nodes.

For details, see Connect k8s worker nodes to multiple WEKA clusters

autoUpdateEndpointsSpecify whether the WEKA CSI Plugin performs automatic periodic updates of API endpoints (true or false).

In cloud-based clusters with automatic scaling and healing, the IP addresses of management containers can change over time. To prevent losing API connectivity, the plugin can automatically retrieve all management container IP addresses from the cluster at login.

If using an external load balancer, set this option to false.

nfsTargetIpsA comma-separated list of IP addresses to use when publishing volumes over NFS.Normally, the system automatically retrieves IP addresses from the interface group defined on the WEKA cluster, leaving this parameter empty. However, if no Virtual IP addresses are set on the interface group (for example, in cloud environments), manually provide the IP addresses in this parameter.
caCertificatecustom CA certificate used to generate the HTTPS certificate for the WEKA cluster. The certificate must be in PEM format and Base64-encoded. As of WEKA version 4.3.0, HTTPS communication is mandatory. To ensure a secure connection without bypassing certificate checks, it's recommended to provide the certificate file within a secret.
+
KeyDescriptionComments
usernameThe user name for API access to the WEKA cluster.

To run the CSI Plugin in a non-default organization, OrgAdmin permission is required. In other cases, ClusterAdmin permission is required.

It is recommended that you create a separate user for the CSI Plugin. See https://docs.weka.io/operation-guide/user-management/.

passwordThe user password for API access to the WEKA cluster.
organizationThe WEKA organization name for the user.
For a single organization, use Root.		You can use multiple secrets to access multiple organizations, which are specified in different storage classes.
schemeThe URL scheme that is used for communicating with the WEKA cluster API.http or https can be used. The user must ensure that the Weka cluster was configured to use the same connection scheme.
endpoints

Comma-separated list of endpoints consisting of IP address and port. For example,

172.31.15.113:14000,172.31.12.91:14000

For redundancy, specify the management IP addresses of at least 2 backend servers.
localContainerNameWEKA client container name for the client connected to the relevant WEKA cluster.
Only required when connecting a K8s worker node to multiple WEKA clusters.
For a single cluster, do not set this parameter.

All local container names relevant to a specific WEKA cluster must be the same across all k8s worker nodes.

For details, see Connect k8s worker nodes to multiple WEKA clusters

autoUpdateEndpointsSpecify whether the WEKA CSI Plugin performs automatic periodic updates of API endpoints (true or false).

In cloud-based clusters with automatic scaling and healing, the IP addresses of management containers can change over time. To prevent losing API connectivity, the plugin can automatically retrieve all management container IP addresses from the cluster at login.

If using an external load balancer, set this option to false.

nfsTargetIpsA comma-separated list of IP addresses to use when publishing volumes over NFS.Normally, the system automatically retrieves IP addresses from the interface group defined on the WEKA cluster, leaving this parameter empty. However, if no Virtual IP addresses are set on the interface group (for example, in cloud environments), manually provide the IP addresses in this parameter.
caCertificatecustom CA certificate used to generate the HTTPS certificate for the WEKA cluster. The certificate must be in PEM format and Base64-encoded. As of WEKA version 4.3.0, HTTPS communication is mandatory. To ensure a secure connection without bypassing certificate checks, it's recommended to provide the certificate file within a secret.
## Connect K8s worker nodes to multiple WEKA clusters From 0454366b9880f585d52119f2808099f0bd84df26 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 11:34:09 +0200 Subject: [PATCH 25/63] Update README.md: removed reference to doc.weka.io --- README.md | 3 --- 1 file changed, 3 deletions(-) diff --git a/README.md b/README.md index d6c462d37..f0ecae7ec 100644 --- a/README.md +++ b/README.md @@ -29,9 +29,6 @@ https://github.com/weka/csi-wekafs - [SELinux Support & Installation Notes](selinux/README.md) - [Using Weka CSI Plugin with NFS transport](docs/NFS.md) -## Additional Documentation -- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) - ## Building the binaries If you want to build the driver yourself, you can do so with the following command from the root directory: From 07e684dd7c73b8ea9fe46cfb88aa535907753bb3 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 12:09:56 +0200 Subject: [PATCH 26/63] Update NFS.md: adjusted for TW clarity --- docs/NFS.md | 295 +++++++++++++++++++++++++--------------------------- 1 file changed, 140 insertions(+), 155 deletions(-) diff --git a/docs/NFS.md b/docs/NFS.md index 44bccbde7..872f7065b 100644 --- a/docs/NFS.md +++ b/docs/NFS.md @@ -1,181 +1,166 @@ -# Weka CSI Plugin with NFS transport +# WEKA CSI Plugin with NFS transport ## Overview -Although using native WekaFS driver as the underlying storage connectivity layer is recommended way to use WekaFS with Kubernetes, -it is also possible to use the Weka CSI Plugin over NFS transport. -This allows you to use WekaFS as a storage backend for your Kubernetes cluster without the need to install the Weka client on each Kubernetes node. - -### Benefits of using Weka CSI Plugin with NFS transport -- **Simplified deployment**: No need to install the Weka client on each Kubernetes node -- **Interoperability**: Use Weka CSI Plugin on nodes where the Weka client is not yet installed, or is not currently supported -- **Flexibility**: Use Weka CSI Plugin with NFS transport for specific use-cases, while using the native WekaFS driver for other use-cases -- **Performance**: Pods are mounted across multiple IPs on the same NFS interface group, maximizing performance and simplifying management -- **Ease of migration**: Use Weka CSI Plugin with NFS transport as a stepping stone to migrate to the native WekaFS driver. - After deployment of the Weka client on all nodes, you can switch to the native WekaFS driver without changing the storage configuration - by simply rebooting the node. - -### Limitations and Constraints -- **Performance**: NFS transport is not as performant as the native WekaFS driver and it is not recommended for high-performance workloads -- **Feature Parity**: Some features and capabilities of the native WekaFS driver are not available when using the Weka CSI Plugin with NFS transport -- **Complexity**: NFS transport requires additional configuration on the Weka cluster, and may require additional networking configuration on the Kubernetes cluster -- **Interoperability**: Same Kubernetes node cannot use both NFS and WekaFS transport at the same time -- **Migration**: Migrating from NFS transport to WekaFS transport requires rebooting the Kubernetes nodes (after Weka client deployment) -- **Network Configuration**: NFS interface group IP addresses must be accessible from the Kubernetes cluster nodes -- **Security**: NFS transport is less secure than the native WekaFS driver, and may require additional security considerations -- **QoS**: QoS is not supported for NFS transport -- **Organizations and Multitenancy**: NFS transport can be used only for filesystems in `Root` organization. - If you need to use a filesystem in a different organization, you must use the native WekaFS driver. - -### Host Network Mode -Weka CSI Plugin will automatically install in `hostNetwork` mode when using NFS transport. -Since hostNetwork mode is required for NFS transport, the `hostNetwork` parameter in the `values.yaml` file is ignored in such case. - -### Security Considerations -- The Weka CSI Plugin with NFS transport uses NFSv4.1 protocol to connect to the Weka cluster. -- Support for Kerberos authentication is not available in this version of Weka CSI Plugin. -- It is recommended to use NFS transport only in secure and trusted networks. - -## Interoperability with WekaFS driver -The Weka CSI Plugin with NFS transport is fully interoperable with the native WekaFS driver. - -This means that you can use both WekaFS transport and NFS in the same Kubernetes cluster, -and even for publishing the same volume to different pods using different transport layers (from different nodes). -However, only one transport layer can be used on a single node at a time. - -### Mount options -Mount options for the NFS transport are set automatically by the Weka CSI Plugin. When custom mount options are used in storage class, -the Weka CSI Plugin will translate them to NFS alternatives. Unknown or unsupported mount options will be ignored. - -### QoS and Performance -QoS is not supported for NFS transport. Performance is limited by the NFS protocol and the network configuration. - -### Scheduling Workloads by Transport Protocol -Weka CSI Plugin node server populates the transport protocol in the node topology. -This allows you to use node affinity rules to force workloads to use WekaFS transport on nodes where the Weka client is installed. -For example, in hybrid deployments where some nodes have the Weka client installed and some do not, -the administrator would prefer storage-intensive workloads to run on nodes with the Weka client installed, while more generic workloads can run on other nodes. - -In order to force a workload to a certain transport type, a nodeSelector can be applied to the workload manifest. -#### An example of a nodeSelector for WekaFS transport: +While using the native WekaFS driver as the storage connectivity layer is the recommended approach for integrating WekaFS with Kubernetes, version 2.5.0 introduces the option to utilize the WEKA CSI Plugin over NFS transport. This allows you to employ WekaFS as a storage backend for your Kubernetes cluster without requiring the installation of the WEKA client on every Kubernetes node. + +### Benefits of using WEKA CSI Plugin with NFS transport + +* **Simplified deployment**: Eliminate the need to install the WEKA client on each Kubernetes node. +* **Interoperability**: Use the WEKA CSI Plugin on nodes where the WEKA client is not yet installed or unsupported. +* **Flexibility**: For specific use cases, leverage the WEKA CSI Plugin with NFS transport while continuing to use the native WekaFS driver for others. +* **Performance**: Mount pods across multiple IPs within the same NFS interface group, maximizing performance and simplifying management. +* **Ease of migration**: Use the WEKA CSI Plugin with NFS transport as an interim solution while transitioning to the native WekaFS driver. Once the WEKA client is deployed on all nodes, you can switch to the native WekaFS driver without altering the storage configuration—reboot the node. + +### Limitations and constraints + +**Warning**:** +As of version 2.5.0 and until further notice, publishing snapshot-backed volumes via NFS transport is not recommended. This is an open issue currently under investigation. + +* **Feature parity**: Certain features and capabilities available with the native WekaFS driver may be absent when using the WEKA CSI Plugin with NFS transport. +* **Complexity**: NFS transport necessitates additional configuration on the WEKA cluster and may require further networking setup on the Kubernetes cluster. +* **Interoperability**: A single Kubernetes node cannot simultaneously use NFS and WekaFS transport. +* **Migration**: Transitioning from NFS transport to WekaFS transport requires rebooting the Kubernetes nodes after deploying the WEKA client. +* **Network configuration**: NFS interface group IP addresses must be accessible from the Kubernetes cluster nodes. +* **Security**: NFS transport is generally less secure than the native WekaFS driver and may necessitate additional security measures. +* **Quality of Service (QoS)**: QoS is not supported with NFS transport. + +### Host Network mode + +The WEKA CSI Plugin installs automatically in `hostNetwork` mode when using NFS transport. `hostNetwork` mode is required for NFS transport, so the `hostNetwork` parameter in the `values.yaml` file is ignored. + +### Security considerations + +The WEKA CSI Plugin with NFS transport uses NFSv4.1 (default) or NFSv3 protocols to connect to the WEKA cluster. However, support for Kerberos authentication is not available in this version of the WEKA CSI Plugin. Therefore, using NFS transport only in secure and trusted networks is recommended. + +### Interoperability with WekaFS driver + +The WEKA CSI Plugin with NFS transport is fully interoperable with the native WekaFS driver. This allows you to use WekaFS transport and NFS within the same Kubernetes cluster, including publishing the same volume to different pods using different transport layers from different nodes. However, only one transport layer can be used on a single node at any time. + +#### Mount options + +The WEKA CSI Plugin automatically sets mount options for NFS transport. When custom mount options are specified in the storage class, the WEKA CSI Plugin translates them into NFS alternatives. Any unknown or unsupported mount options are ignored. + +#### QoS and performance + +NFS transport does not support quality of Service (QoS). The NFS protocol and the network configuration constrain performance. + +#### Scheduling workloads by transport protocol + +The WEKA CSI Plugin node server populates the transport protocol in the node topology. This feature enables node affinity rules to direct workloads to use WekaFS transport on nodes where the WEKA client is installed. For example, in hybrid deployments where some nodes have the WEKA client installed while others do not, administrators may prefer to run storage-intensive workloads on nodes with the WEKA client, allowing more generic workloads to operate on other nodes. + +A `nodeSelector` can be applied in the workload manifest to enforce a specific transport type for a workload. + +**Example: a nodeSelector for WekaFS transport** + ```yaml nodeSelector: topology.weka.com/transport: wekafs ``` -#### An example of a nodeSelector for NFS transport: + +**Example: a nodeSelector for NFS transport** + ```yaml nodeSelector: topology.weka.com/transport: nfs -``` -### Switching from NFS to WekaFS transport -To switch between NFS and WekaFS transport, you need to: -1. Install the Weka client on Kubernetes node -2. Reboot the Kubernetes node - -After the node is rebooted, the Weka CSI Plugin will automatically switch to using the WekaFS transport. -Existing volumes can be reattached to the pods without any changes. - -## Prerequisites -Those are the minimum prerequisites for using Weka CSI Plugin with NFS transport: - -- Weka cluster must be installed and configured -- NFS protocol must be configured on the Weka cluster -- NFS interface group must be created on the Weka cluster -- NFS interface group IP addresses must be accessible from the Kubernetes cluster nodes - -> **WARNING:** When multiple NFS interface groups are defined on Weka clusters, -> the `pluginConfig.mountProtocol.interfaceGroupName` parameter must be set to the desired NFS interface group name in the `values.yaml` file. -> If the parameter is not set, an arbitrary NFS interface group will be used, that could potentially cause performance or networking issues. - -> **NOTE**: NFS Client group called `WekaCSIPluginClients` is created automatically by the Weka CSI Plugin. -> Then, upon each volume creation or publishing, the Kubernetes node IP address is added to the NFS Client group automatically. -> -> Although, adding the node IP addresses one by one is the most secure way to configure the NFS Client group, this could become cumbersome in large deployments. -> In such case, using a network range (CIDR) is recommended. -> You may predefine the NFS Client group with a network range (CIDR) in the Weka cluster, and then use the `pluginConfig.mountProtocol.nfsClientGroupName` -> parameter in the `values.yaml` file to specify the NFS Client group name. - -## Way of Operation -The Weka CSI Plugin with NFS transport operates in the following way: -Upon start of the Weka CSI Plugin, the plugin will: -1. Check if the Weka client is installed on the Kubernetes node -2. If client is not set up, the plugin will check whether NFS failback is enabled -3. If NFS failback is enabled, the plugin will use NFS transport for volume provisioning and publishing -4. If NFS failback is disabled, the plugin will not start and will log an error message. - Refer to the [Installation](#installation) section for enabling NFS failback. - -Once NFS mode is enabled, the Weka CSI Plugin will use NFS transport for all volume operations. -In such case, upon any volume create or publish request, the Weka CSI Plugin will: -1. Connect to Weka cluster API and fetch interface groups (and their IP addresses) - If interface group name is specified in the `values.yaml` file, - the plugin will use the specified interface group, otherwise an arbitraty interface group will be used. -2. Ensure that Client Group is created on the Weka cluster. - If the Client Group is not created, the plugin will create it. - > **NOTE:** If client group name is specified in the `values.yaml` file, the plugin will use the specified client group name, - > otherwise `WekaCSIPluginClients` client group will be used. -3. Determine the node IP address facing the inteface group IP addresses. This will be done by checking the network configuration of the node - Then, the Weka CSI plugin will issue a UDP connection towards one of the IP addresses of the interface group, - The source IP address of the connection will be determined by the plugin and will be used as the `node IP address`. -4. Ensure that the `node IP address` is added to the Client Group. - If the node IP address is not added, the plugin will add it to the Client Group. - If client group already has the node IP address (or it has a matching CIDR definition), the plugin will skip this step. - > **EXAMPLE:** If the node IP address is `192.168.100.1` and the client group is defined with a network range `192.168.100.0/255.255.255.0`, - > node IP address will not be added -5. Identify the filesystem name to be mounted, either from StorageClass parameters (provisioning), - or from Volume Handle (for publishing an existing volume). -6. Ensure that NFS permission exists for the Client Group to access the filesystem. - If the permission is not set, the plugin will set it. If the permission is already set, the plugin will skip this step. -7. Pick up a random IP address from the selected NFS interface group. - This IP address will be used for mounting the filesystem. -8. Perform NFS mount operation on the Kubernetes node using the selected IP address and the filesystem name. -9. Rest of the operations will be performed in a similar way as with the native WekaFS driver. - -## NFS Permissions Required for Weka CSI Plugin -The Weka CSI Plugin requires AND will set the following NFS permissions on the Weka cluster: -1. **Client Group**: `WekaCSIPluginClients` (or custom client group name if set in the `values.yaml` file) +#### Switching from NFS to WekaFS transport + +To switch from NFS to WekaFS transport, follow these steps: + +1. Install the WEKA client on the Kubernetes node. +2. Reboot the Kubernetes node. + +After rebooting, the WEKA CSI Plugin automatically switches to WekaFS transport. Existing volumes can be reattached to the pods without any changes. + +## Minimum prerequisites for using WEKA CSI Plugin with NFS transport + +* **WEKA cluster installation**: The WEKA cluster must be installed and configured. +* **NFS protocol configuration**: The NFS protocol must be configured on the WEKA cluster. +* **NFS interface group creation**: An NFS interface group must be created on the WEKA cluster. +* **Accessibility of IP addresses**: NFS interface group IP addresses must be accessible from the Kubernetes cluster nodes. + +Adhere to the following considerations: + +* **Interface group name configuration**: If multiple NFS interface groups are defined, set the `pluginConfig.mountProtocol.interfaceGroupName` parameter to the desired NFS interface group name in the `values.yaml` file. An arbitrary NFS interface group is used if this parameter is not set, which may lead to performance or networking issues. +* **NFS client group**: The plugin automatically creates an NFS client group called `WekaCSIPluginClients`. The Kubernetes node IP address is added to this group during each volume creation or publishing. +* **IP address configuration**: While adding node IP addresses one by one is the most secure method for configuring the NFS client group, it can be cumbersome for large deployments. In such cases, a network range (CIDR) is recommended. Predefine the NFS client group with a network range in the WEKA cluster, then specify the NFS client group name using the `pluginConfig.mountProtocol.nfsClientGroupName` parameter in the `values.yaml` file. + +## WEKA CSI Plugin operation over NFS transport + +Upon starting, the WEKA CSI Plugin performs the following steps: + +1. **Check WEKA client installation**: Verifies if the WEKA client is installed on the Kubernetes node. +2. **NFS failback check**: + * If the WEKA client is not set up, the plugin checks if NFS failback is enabled or if NFS use is forced. + * If NFS failback is enabled, the plugin uses NFS transport for volume provisioning and publishing. + * If NFS failback is disabled, the plugin does not start and logs an error message. See the section to enable NFS failback. + +The plugin uses NFS transport for all volume operations when NFS mode is enabled. For any volume creation or publishing request, the WEKA CSI plugin performs the following: + +1. **Connect to WEKA Cluster API**: Fetch interface groups and their IP addresses. If an interface group name is specified in the `values.yaml` file, the plugin uses that; otherwise, it selects an arbitrary interface group. +2. **Client group verification**: Ensure the Client Group exists on the WEKA cluster. If it does not, the plugin creates it. +3. **Determine node IP address**: Identify the IP address facing the interface group IP addresses by checking the node's network configuration. The plugin issues a UDP connection to one of the interface group IP addresses, using the determined source IP address as the node IP address. +4. **Add node IP to client group**: Confirm the node IP address is included in the Client Group. If not, the plugin adds it. This step is skipped if the Client Group already contains the node IP address or a matching CIDR definition. + * **Example**: For two nodes with IP addresses 192.168.100.1 and 192.168.200.1, if the Client Group has a rule for 192.168.100.0/255.255.255.0, no new rule is added for the first node. However, a new rule 192.168.200.1/255.255.255.255 is created for the second node. +5. **Identify filesystem**: Determine the filesystem name to be mounted from StorageClass parameters (during provisioning) or the Volume Handle (when publishing an existing volume). +6. **NFS permissions**: Ensure that NFS permissions are granted for the Client Group to access the filesystem. If permissions are not set, the plugin establishes them. If permissions are already in place, this step is skipped. +7. **Select random IP address**: Select a random IP address from the selected NFS interface group to mount the filesystem. +8. **NFS mount operation**: Perform the NFS mount operation on the Kubernetes node using the selected IP address and filesystem name. +9. **Subsequent operations**: + * Execute remaining operations similarly to how they would be done with the native WekaFS driver. + * If a client group name is specified in the `values.yaml` file, the plugin uses that name; otherwise, it defaults to the `WekaCSIPluginClients` client group. + +## NFS permissions required for WEKA CSI Plugin + +The WEKA CSI Plugin requires specific NFS permissions, which it automatically configures on the WEKA cluster. These permissions are as follows: + +1. **Client Group**: `WekaCSIPluginClients` (or a custom client group name if specified in the `values.yaml` file) 2. **Filesystem**: The filesystem name to be mounted -3. **Path**: `/` (root of the filesystem) +3. **Path**: `/` (root directory of the filesystem) 4. **Type**: `RW` -5. **Priority**: No priority set -6. **Supported Versions**: `V4` +5. **Priority**: No priority is set +6. **Supported Versions**: `V3, V4` 7. **User Squash**: `None` 8. **Authentication Types**: `NONE`, `SYS` -> **WARNING:** Weka NFS servers will evaluate permissions based on the order of the permissions list. -> If multiple permissions matching the IP address of the Kubernetes node and the filesystem are set, a conflict might occur. -> Hence, it is **highly recommended** not creating additional permissions for the same filesystem -> Also, if multiple client groups are used, it is highly recommended to make sure that IP addresses are not overlapping between client groups. +**Warning**: +WEKA NFS servers evaluate permissions based on the order in the permissions list. +If multiple permissions match the IP address of the Kubernetes node and filesystem, a conflict may occur. +Therefore, it is strongly recommended not to create additional permissions for the same filesystem. +Additionally, if multiple client groups are used, ensure that the IP addresses of the groups do not overlap. + +## WEKA cluster preparation + +Before using the WEKA CSI Plugin with NFS transport, prepare the WEKA cluster for NFS access. This preparation involves: -## WEKA Cluster Preparation -Before using the Weka CSI Plugin with NFS transport, the Weka cluster must be prepared for NFS access. -This includes configuring the NFS protocol on the Weka cluster, creating an NFS interface group, and configuring at least 1 Group IP address +* Configuring the NFS protocol on the WEKA cluster. +* Creating an NFS interface group. +* Configuring at least one Group IP address. -Alternatively, in cloud deployments where setting a Group IP address is not possible, the Weka server IP addresses can be used instead. -In such case, the IP addresses may be set via the API secret and will be used instead of the Group IP addresses. +In cloud deployments where setting a Group IP address is impossible, you can use the WEKA server IP addresses instead. In this case, set the IP addresses through the API secret to replace the Group IP addresses. This configuration can be done by providing the `nfsTargetIps` parameter in the API secret. For more details, see [API secret example](../examples/common/csi-wekafs-api-secret.yaml). -This can be set up by providing `nfsTargetIps` parameter in the API secret. Refer to the [API secret example](../examples/common/csi-wekafs-api-secret.yaml) for more information. -> **WARNING:** Using an NFS load balancer that forwards NFS connection to multiple Weka servers is not supported at this moment. +**Note**:** +Using an NFS load balancer that redirects NFS connections to multiple WEKA servers (also known as NFSv4 directory referrals) is not supported. -## Installation -By default, Weka CSI Plugin components will not start unless Weka driver is not detected on Kubernetes node. -This is to prevent a potential misconfiguration where volumes are attempted to be provisioned or published on node while no Weka client is installed. +## Install the WEKA CSI Plugin with NFS transport -To enable NFS transport, Weka CSI plugin must be explicitly configured for using NFS failback. -This is done by setting the `pluginConfig.mountProtocol.allowNfsFailback` parameter to `true` in the `values.yaml` file. +By default, the WEKA CSI Plugin components do not start if a WEKA driver is detected on a Kubernetes node. This prevents potential misconfigurations where volumes may be provisioned or published on a node without an installed WEKA client. -The parameter `pluginConfig.mountProtocol.useNfs` enforces the use of NFS transport even if Weka client is installed on the node, -and recommended to be set to `true` ONLY for testing. +**Procedure** -Follow the [Helm installation instructions](../charts/csi-wekafsplugin/README.md) to install the Weka CSI Plugin. -Most of the installation steps are the same as for the native WekaFS driver, however, additional parameters should be set in the `values.yaml` file, -or passed as command line arguments to the `helm install` command. +1. **Configure NFS failback:** Explicitly configure the WEKA CSI Plugin to use NFS failback by setting the `pluginConfig.mountProtocol.allowNfsFailback` parameter to `true` in the `values.yaml` file. +2. **Set NFS transport enforcement (optional):** If you want to enforce the use of NFS transport even when the WEKA client is installed on the node, set the `pluginConfig.mountProtocol.useNfs` parameter to `true`. This option is recommended for testing purposes only. +3. **Follow Helm installation instructions:** Follow the [Helm installation instructions](../charts/csi-wekafsplugin/README.md) to install the WEKA CSI Plugin. Most installation steps are similar to those for the native WekaFS driver. +4. **Set additional parameters:** You can set any additional parameters in the `values.yaml` file or pass them as command-line arguments to the Helm install command. +5. **Run the Helm install command:** Run the following example Helm install command for using NFS transport: -This is the example Helm install command for using NFS transport: -```console -helm upgrade csi-wekafs -n csi-wekafs --create-namespace --install csi-wekafs/csi-wekafsplugin csi-wekafs\ +```bash +helm upgrade csi-wekafs -n csi-wekafs --create-namespace --install csi-wekafs/csi-wekafsplugin csi-wekafs \ --set logLevel=6 \ ---set pluginConfig.mountProtocol.alloeNfsFailback=true \ +--set pluginConfig.mountProtocol.allowNfsFailback=true \ --set pluginConfig.allowInsecureHttps=true \ -[ --set pluginConfig.mountProtocol.interfaceGroupName=MyIntefaceGroup \ ] # optional, recommended if multiple interface groups are defined -[ --set pluginConfig.mountProtocol.clientGroupName=MyClientGroup \ ] # optional, recommended if client group is predefined +[ --set pluginConfig.mountProtocol.interfaceGroupName=MyInterfaceGroup \ ] +# optional, recommended if multiple interface groups are defined +[ --set pluginConfig.mountProtocol.clientGroupName=MyClientGroup \ ] +# optional, recommended if the client group is predefined ``` From ce4c77d072b8fea3fa15c6dd7c54e2b7b77beddf Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 12:11:11 +0200 Subject: [PATCH 27/63] Update NFS.md: added ``` --- docs/NFS.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/NFS.md b/docs/NFS.md index 872f7065b..670cc8189 100644 --- a/docs/NFS.md +++ b/docs/NFS.md @@ -62,6 +62,7 @@ nodeSelector: ```yaml nodeSelector: topology.weka.com/transport: nfs +``` #### Switching from NFS to WekaFS transport From e8cfe6e5eed6025a5b7f6a252c9edb73db6281d7 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 12:13:52 +0200 Subject: [PATCH 28/63] Update NFS.mdL typo --- docs/NFS.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/NFS.md b/docs/NFS.md index 670cc8189..7068f93ed 100644 --- a/docs/NFS.md +++ b/docs/NFS.md @@ -140,7 +140,7 @@ Before using the WEKA CSI Plugin with NFS transport, prepare the WEKA cluster fo In cloud deployments where setting a Group IP address is impossible, you can use the WEKA server IP addresses instead. In this case, set the IP addresses through the API secret to replace the Group IP addresses. This configuration can be done by providing the `nfsTargetIps` parameter in the API secret. For more details, see [API secret example](../examples/common/csi-wekafs-api-secret.yaml). -**Note**:** +**Note**: Using an NFS load balancer that redirects NFS connections to multiple WEKA servers (also known as NFSv4 directory referrals) is not supported. ## Install the WEKA CSI Plugin with NFS transport From 0404b511ce95d874ac1b9883e208e4cf5ed8e552 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 12:16:04 +0200 Subject: [PATCH 29/63] Update NFS.md: format typo --- docs/NFS.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/docs/NFS.md b/docs/NFS.md index 7068f93ed..0b7a76739 100644 --- a/docs/NFS.md +++ b/docs/NFS.md @@ -13,7 +13,7 @@ While using the native WekaFS driver as the storage connectivity layer is the re ### Limitations and constraints -**Warning**:** +**Warning**: As of version 2.5.0 and until further notice, publishing snapshot-backed volumes via NFS transport is not recommended. This is an open issue currently under investigation. * **Feature parity**: Certain features and capabilities available with the native WekaFS driver may be absent when using the WEKA CSI Plugin with NFS transport. @@ -149,11 +149,11 @@ By default, the WEKA CSI Plugin components do not start if a WEKA driver is dete **Procedure** -1. **Configure NFS failback:** Explicitly configure the WEKA CSI Plugin to use NFS failback by setting the `pluginConfig.mountProtocol.allowNfsFailback` parameter to `true` in the `values.yaml` file. -2. **Set NFS transport enforcement (optional):** If you want to enforce the use of NFS transport even when the WEKA client is installed on the node, set the `pluginConfig.mountProtocol.useNfs` parameter to `true`. This option is recommended for testing purposes only. -3. **Follow Helm installation instructions:** Follow the [Helm installation instructions](../charts/csi-wekafsplugin/README.md) to install the WEKA CSI Plugin. Most installation steps are similar to those for the native WekaFS driver. -4. **Set additional parameters:** You can set any additional parameters in the `values.yaml` file or pass them as command-line arguments to the Helm install command. -5. **Run the Helm install command:** Run the following example Helm install command for using NFS transport: +1. **Configure NFS failback**: Explicitly configure the WEKA CSI Plugin to use NFS failback by setting the `pluginConfig.mountProtocol.allowNfsFailback` parameter to `true` in the `values.yaml` file. +2. **Set NFS transport enforcement (optional)**: If you want to enforce the use of NFS transport even when the WEKA client is installed on the node, set the `pluginConfig.mountProtocol.useNfs` parameter to `true`. This option is recommended for testing purposes only. +3. **Follow Helm installation instructions**: Follow the [Helm installation instructions](../charts/csi-wekafsplugin/README.md) to install the WEKA CSI Plugin. Most installation steps are similar to those for the native WekaFS driver. +4. **Set additional parameters**: You can set any additional parameters in the `values.yaml` file or pass them as command-line arguments to the Helm install command. +5. **Run the Helm install command**: Run the following example Helm install command for using NFS transport: ```bash helm upgrade csi-wekafs -n csi-wekafs --create-namespace --install csi-wekafs/csi-wekafsplugin csi-wekafs \ From 7a10b468538cfc10fb805bab84aa3829b55ede5e Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 12:38:25 +0200 Subject: [PATCH 30/63] Update README.md: migrated from the doc --- selinux/README.md | 306 +++++++++++++++++++++++++--------------------- 1 file changed, 164 insertions(+), 142 deletions(-) diff --git a/selinux/README.md b/selinux/README.md index 4d70c4baa..e09676d4a 100644 --- a/selinux/README.md +++ b/selinux/README.md @@ -1,142 +1,164 @@ -# CSI WekaFS SELinux Support - -## General Information -When installing Weka CSI plugin on SELinux-enabled Kubernetes cluster, pods might be denied access -to the persistent volumes provisioned on top of Weka filesystem. - -The reason behind this is a lack of permissions for containers to access objects stored on Weka cluster. - -In this directory you can find a custom policy that provides all the necessary security configuration to optionally -enable pod access to WekaFS-based Persistent Volumes, and it should be applied -on each Kubernetes worker node that is intended to service WekaFS-based persistent volumes. - -The provided policy allows processes with `container_t` seclabel to access objects having `wekafs_t` label (which is set for all files and directories of mounted CSI volumes). - -The policy comes both as a Type Enforcement file, and as a precompiled policy package. -In order to use Weka CSI Plugin with SELinux enforcement, the following steps must be performed: - -## Custom SELinux Policy Installation -1. Distribute the SELinux policy package to all Kubernetes nodes, by using either one of those options: - * Clone Weka CSI Plugin Github repository, by issuing - ```shell - git clone https://github.com/weka/csi-wekafs.git - ``` - * Copy the content of `selinux` directory directly to Kubernetes nodes -2. Apply the policy package directly by issuing: - ```shell - $ semodule -i csi-wekafs.pp - ``` - Check that the policy was applied correctly: - ```shell - $ getsebool -a | grep wekafs - container_use_wekafs --> off - ``` - If the output matches mentioned above, skip to step 4. Otherwise, proceed to step 3 to build the policy from sources. -3. In certain circumstances (e.g. different Kernel version or Linux distribution), - the pre-compiled policy installation could fail. In this case, the policy must be built - and installed from source by following the procedure below. - ```shell - $ checkmodule -M -m -o csi-wekafs.mod csi-wekafs.te - $ semodule_package -o csi-wekafs.pp -m csi-wekafs.mod - $ make -f /usr/share/selinux/devel/Makefile csi-wekafs.pp - $ semodule -i csi-wekafs.pp - ``` - > **NOTE:** for this purpose, `policycoreutils-devel` package - > (or its alternative in case of Linux distribution different from RedHat family) is required - - Check that the policy was applied correctly: - ```shell - $ getsebool -a | grep wekafs - container_use_wekafs --> off - ``` - -4. The policy provides a boolean setting which allows on-demand enablement of relevant permissions. - To enable WekaFS CSI volumes access from pods, perform the command - ```shell - $ setsebool container_use_wekafs=on - ``` - To disable access, perform the command - ```shell - $ setsebool container_use_wekafs=off - ``` - The configuration changes are applied immediately. - -## CSI Plugin Installation and Configuration -1. Weka CSI Plugin must be installed in a SELinux-compatible mode to correctly label volumes. - This can be done by setting the `selinuxSupport` value to either `"enforced"` or `"mixed"`, either via editing values.yaml or by passing the parameter directly in Helm installation command, e.g. - ```shell - $ helm install --upgrade csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafsplugin --create-namespace --set selinuxSupport=enforced - ``` - > **NOTE:** `enforced` and `mixed` modes are supported for CSI SELinux support. - > * When `selinuxSupport` is set to `enforced`, only SELinux-enabled CSI plugin node components will be installed - > * When `selinuxSupport` is set to `mixed`, both non-SELinux and SELinux-enabled components will be installed - > * When `selinuxSupport` is set to `off`, only non-SELinux CSI plugin node components will be installed. - > - > **NOTE:** Since SELinux status cannot be known from within CSI plugin pod, - > a certain way of distinguishing between SELinux-enabled and non-SELinux nodes needs to be established. - > Binding of relevant CSI node component to node is mutually exclusive and relies on node affinity mechanism by matching host labels. - Hence, the following label must be set on each SELinux-enabled Kubernetes node to ensure the plugin start in compatibility mode: - ```shell - csi.weka.io/selinux_enabled="true" - ``` - > **NOTE:** If another label stating SELinux support is already maintained on nodes, the expected label name may be changed by editing the `selinuxNodeLabel` parameter - > by either modifying it in `values.yaml` or by setting it directly during plugin installation, e.g. - > ```shell - > $ helm install --upgrade csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafsplugin --create-namespace --set selinuxSupport=mixed --set selinuxNodeLabel="selinux_enabled" - > ``` - - > **NOTE:** If node label was modified after Weka CSI Plugin node component has already - > deployed on that node, terminate the csi-wekafs-node-XXXX component on the affected node, - > a replacement pod will be scheduled on the node automatically, but with correct SELinux configuration. - -## Checking Plugin Operation & Troubleshooting - -1. Make sure you have configured a valid CSI API [`secret`](../examples/common/csi-wekafs-api-secret.yaml),Create a valid Weka CSI Plugin [`storageClass`](../examples/dynamic_api) - > **NOTE:** If using an example `storageClass`, make sure to update endpoints and credentials prior to apply -2. Provision a [`PersistentVolumeClaim`](../examples/dynamic_directory/pvc-wekafs-dir-api.yaml) -3. Provision a [`DaemonSet`](../examples/dynamic_directory/csi-daemonset.app-on-dir-api.yaml), in order to be able access of all pods on all nodes -4. Monitor the pod logs using a command below, nothing should be printed in log files: - ```shell - $ kubectl logs -f -lapp=csi-daemonset-app-on-dir-api - ``` - IF the command returns a repeating message like the one below, it seems that the node on which the relevant pod is running is misconfigured: - ```shell - /bin/sh: can't create /data/csi-wekafs-test-api-gldmk.txt: Permission denied - ``` - -5. Obtain node name from the pod: - ```shell - $ kubectl get pod csi-wekafs-test-api-gldmk -o wide - NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES - csi-wekafs-test-api-gldmk 1/1 Running 0 98m 10.244.15.2 don-kube-8 - ``` - -6. Connect to the relevant node and check if Weka CSI SELinux policy is installed and enabled - ```shell - $ getsebool -a | grep wekafs - container_use_wekafs --> on - ``` - * If the output matches example, proceed to next step. - * If no output, policy is not installed, proceed to [Custom SELinux Policy Installation](#custom-selinux-policy-installation) - * If the policy is off, enable it and check output of the pod again by issuing - ```shell - $ setsebool container_use_wekafs=on - ``` -7. Check if the node is labeled with plugin is operating in SELinux-compatible mode by issuing the following command: - ```shell - $ kubectl describe node don-kube-8 | grep csi.weka.io/selinux_enabled - csi.weka.io/selinux_enabled=true - ``` - * If the output is empty, proceed to [CSI Plugin Installation and Configuration](#csi-plugin-installation-and-configuration) - > **NOTE:** If the label was missing and added by you during troubleshooting, the CSI node server component must be restarted on the node. - Perform the following command to terminate the relevant pod and another instance will start automatically: - > ```shell - > $ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) - > $ kubectl delete pod -n csi-wekafs $POD - >``` - * If the output matches example, proceed to next step -8. Collect CSI node server logs from the matching Kubernetes nodes and contact Weka Customer Success Team: - ```shell - $ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) - $ kubectl logs -n csi-wekafs -c wekafs $POD > log.txt - ``` +# Add SELinux support + +## Overview +Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC). + +To add SELinux support, perform the following procedures: + +1. [Install a custom SELinux policy](add-selinux-support.md#install-a-custom-selink-p). +2. [Install and configure the WEKA CSI Plugin](add-selinux-support.md#install-config-csi-plugin). +3. [Test the WEKA CSI Plugin operation](add-selinux-support.md#test-csi-plugin). + +### Install a custom SELinux policy + +1. Distribute the SELinux policy package to all Kubernetes nodes using one of the following options: + * Clone WEKA CSI Plugin Github repository: + + ``` + git clone https://github.com/weka/csi-wekafs.git + ``` + * Copy the content of the `selinux` directory directly to Kubernetes nodes +2. Apply the policy package directly: + + ``` + $ semodule -i csi-wekafs.pp + ``` + + Verify that the policy is applied correctly: + + ``` + $ getsebool -a | grep wekafs + container_use_wekafs --> off + ``` + + If the output matches mentioned above, skip to step 4. Otherwise, proceed to step 3 to build the policy from the sources. +3. In certain circumstances, the pre-compiled policy installation could fail. For example, in a different Kernel version or Linux distribution. In this case, build the policy and install it from the source using the following steps: + + ``` + $ checkmodule -M -m -o csi-wekafs.mod csi-wekafs.te + $ semodule_package -o csi-wekafs.pp -m csi-wekafs.mod + $ make -f /usr/share/selinux/devel/Makefile csi-wekafs.pp + $ semodule -i csi-wekafs.pp + ``` + + For this purpose, the `policycoreutils-devel` package (or its alternative in case of Linux distribution different from the Red Hat family) is required. + + Verify that the policy is applied correctly: + + ``` + $ getsebool -a | grep wekafs + container_use_wekafs --> off + ``` +4. The policy provides a boolean setting that allows on-demand enablement of relevant permissions. To enable WekaFS CSI volumes access from pods, run the command: + + ``` + $ setsebool container_use_wekafs=on + ``` + + To disable access, perform the command: + + ``` + $ setsebool container_use_wekafs=off + ``` + + The configuration changes are applied immediately. + +### Install and configure the WEKA CSI Plugin + +1. To label volumes correctly, install the WEKA CSI Plugin in an SELinux-compatible mode. To do that, set the `selinuxSupport` value to `"enforced"` or `"mixed”` by editing the file `values.yaml` or passing the parameter directly in the `helm` installation command. + +Example: + +``` +$ helm install --upgrade csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafsplugin --create-namespace --set selinuxSupport=enforced +``` + +Follow these considerations: + +* WEKA CSI Plugin supports both the `enforced` and `mixed` modes of `selinuxSupport`. The installation depends on the following mode settings: + * When `selinuxSupport` is `enforced`, only SELinux-enabled CSI plugin node components are installed. + * When `selinuxSupport` is `mixed`, both non-SELinux and SELinux-enabled components are installed. + * When `selinuxSupport` is `off`, only non-SELinux CSI plugin node components are installed. +* The SELinux status cannot be known from within the CSI plugin pod. Therefore, a way of distinguishing between SELinux-enabled and non-SELinux nodes is required. WEKA CSI Plugin relies on the node affinity mechanism by matching the value of a certain node label in a mutually exclusive way. Only when the label exists and is set to true, an SELinux-enabled node component will start on that node. Otherwise, the non-SELinux node component will start. + + To ensure that the plugin starts in compatibility mode, set the following label on each SELinux-enabled Kubernetes node: +* If a node label is modified after installing the WEKA CSI Plugin node component on that node, terminate the csi-wekafs-node-XXXX component on the affected node. As a result, a replacement pod is automatically scheduled on the node but with the correct SELinux configuration. + +``` +csi.weka.io/selinux_enabled="true" +``` + +* If another label stating SELinux support is already maintained on nodes, you can modify the expected label name in the `selinuxNodeLabel` parameter by editing the file `values.yaml` or by setting it directly during the WEKA CSI Plugin installation. + + Example: + +``` +$ helm install --upgrade csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafsplugin --create-namespace --set selinuxSupport=mixed --set selinuxNodeLabel="selinux_enabled" +``` + +* If a node lab + +### Test the WEKA CSI plugin operation + +1. Make sure you have configured a valid CSI API [`secret`](../examples/common/csi-wekafs-api-secret.yaml). Create a valid WEKA CSI Plugin [`storageClass`](../examples/dynamic/directory/storageclass-wekafs-dir-api.yaml). +2. Provision a [`PersistentVolumeClaim`](../examples/dynamic/directory/pvc-wekafs-dir-api.yaml). +3. Provision a [`DaemonSet`](../examples/dynamic/directory/csi-daemonset.app-on-dir-api.yaml) to enable access to all pods on all nodes. +4. Monitor the pod logs using the following command (expect no printing in the log files): + + ``` + $ kubectl logs -f -lapp=csi-daemonset-app-on-dir-api + ``` + + If the command returns a repeating message like the following one, it is most likely that the node on which the relevant pod is running is misconfigured: + + ``` + /bin/sh: can't create /data/csi-wekafs-test-api-gldmk.txt: Permission denied + ``` +5. Obtain the node name from the pod: + + ``` + $ kubectl get pod csi-wekafs-test-api-gldmk -o wide + NAME READY STATUS RESTARTS AGE IP NODE NOMINATED NODE READINESS GATES + csi-wekafs-test-api-gldmk 1/1 Running 0 98m 10.244.15.2 don-kube-8 + ``` +6. Connect to the relevant node and check if the WEKA CSI SELinux policy is installed and enabled: + + ``` + $ getsebool -a | grep wekafs + container_use_wekafs --> on + ``` + + * If the result matches the example, proceed to the next step. + * If there is no result, the policy is not installed. Perform the [Install a custom SELinux policy](add-selinux-support.md#install-a-custom-selink-p) procedure. + * If the policy is off, enable it and check the pod output again by running: + + ``` + $ setsebool container_use_wekafs=on + ``` +7. Check if the node is labeled with the plugin is operating in SELinux-compatible mode by running the following command: + + ``` + $ kubectl describe node don-kube-8 | grep csi.weka.io/selinux_enabled + csi.weka.io/selinux_enabled=true + ``` + + * If the output is empty, Perform the [Install and configure the Weka CSI Plugin](add-selinux-support.md#install-config-csi-plugin) procedure. + + + + If the label was missing and added by you during troubleshooting, the CSI node server component must be restarted on the node.\ + Perform the following command to terminate the relevant pod, and another instance will start automatically: + +{% code fullWidth="false" %} +``` +$ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) +$ kubectl delete pod -n csi-wekafs $POD +``` +{% endcode %} + +8. Collect CSI node server logs from the matching Kubernetes nodes and contact the [Customer Success Team](https://docs.weka.io/support/getting-support-for-your-weka-system.md#contact-customer-success-team). + +``` +$ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) +$ kubectl logs -n csi-wekafs -c wekafs $POD > log.txt +``` From d2bf7d171d3c8f5bcd986cce98d366d758aa78d8 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 12:45:19 +0200 Subject: [PATCH 31/63] Update README.md: edit links --- selinux/README.md | 25 +++++++++++-------------- 1 file changed, 11 insertions(+), 14 deletions(-) diff --git a/selinux/README.md b/selinux/README.md index e09676d4a..c607b5fa2 100644 --- a/selinux/README.md +++ b/selinux/README.md @@ -5,11 +5,11 @@ Security-Enhanced Linux (SELinux) is a Linux kernel security module that provide To add SELinux support, perform the following procedures: -1. [Install a custom SELinux policy](add-selinux-support.md#install-a-custom-selink-p). -2. [Install and configure the WEKA CSI Plugin](add-selinux-support.md#install-config-csi-plugin). -3. [Test the WEKA CSI Plugin operation](add-selinux-support.md#test-csi-plugin). +1. Install a custom SELinux policy. +2. Install and configure the WEKA CSI Plugin. +3. Test the WEKA CSI Plugin operation. -### Install a custom SELinux policy +### Install a custom SELinux policy 1. Distribute the SELinux policy package to all Kubernetes nodes using one of the following options: * Clone WEKA CSI Plugin Github repository: @@ -63,7 +63,7 @@ To add SELinux support, perform the following procedures: The configuration changes are applied immediately. -### Install and configure the WEKA CSI Plugin +### Install and configure the WEKA CSI Plugin 1. To label volumes correctly, install the WEKA CSI Plugin in an SELinux-compatible mode. To do that, set the `selinuxSupport` value to `"enforced"` or `"mixed”` by editing the file `values.yaml` or passing the parameter directly in the `helm` installation command. @@ -79,9 +79,9 @@ Follow these considerations: * When `selinuxSupport` is `enforced`, only SELinux-enabled CSI plugin node components are installed. * When `selinuxSupport` is `mixed`, both non-SELinux and SELinux-enabled components are installed. * When `selinuxSupport` is `off`, only non-SELinux CSI plugin node components are installed. -* The SELinux status cannot be known from within the CSI plugin pod. Therefore, a way of distinguishing between SELinux-enabled and non-SELinux nodes is required. WEKA CSI Plugin relies on the node affinity mechanism by matching the value of a certain node label in a mutually exclusive way. Only when the label exists and is set to true, an SELinux-enabled node component will start on that node. Otherwise, the non-SELinux node component will start. +* The SELinux status cannot be known from within the CSI plugin pod. Therefore, a way of distinguishing between SELinux-enabled and non-SELinux nodes is required. WEKA CSI Plugin relies on the node affinity mechanism by matching the value of a certain node label in a mutually exclusive way. Only when the label exists and is set to true, an SELinux-enabled node component starts on that node. Otherwise, the non-SELinux node component starts. - To ensure that the plugin starts in compatibility mode, set the following label on each SELinux-enabled Kubernetes node: +To ensure that the plugin starts in compatibility mode, set the following label on each SELinux-enabled Kubernetes node: * If a node label is modified after installing the WEKA CSI Plugin node component on that node, terminate the csi-wekafs-node-XXXX component on the affected node. As a result, a replacement pod is automatically scheduled on the node but with the correct SELinux configuration. ``` @@ -98,8 +98,7 @@ $ helm install --upgrade csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespac * If a node lab -### Test the WEKA CSI plugin operation - +### Test the WEKA CSI plugin operation 1. Make sure you have configured a valid CSI API [`secret`](../examples/common/csi-wekafs-api-secret.yaml). Create a valid WEKA CSI Plugin [`storageClass`](../examples/dynamic/directory/storageclass-wekafs-dir-api.yaml). 2. Provision a [`PersistentVolumeClaim`](../examples/dynamic/directory/pvc-wekafs-dir-api.yaml). 3. Provision a [`DaemonSet`](../examples/dynamic/directory/csi-daemonset.app-on-dir-api.yaml) to enable access to all pods on all nodes. @@ -129,7 +128,7 @@ $ helm install --upgrade csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespac ``` * If the result matches the example, proceed to the next step. - * If there is no result, the policy is not installed. Perform the [Install a custom SELinux policy](add-selinux-support.md#install-a-custom-selink-p) procedure. + * If there is no result, the policy is not installed. Perform the **Install a custom SELinux policy** procedure avove. * If the policy is off, enable it and check the pod output again by running: ``` @@ -142,21 +141,19 @@ $ helm install --upgrade csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespac csi.weka.io/selinux_enabled=true ``` - * If the output is empty, Perform the [Install and configure the Weka CSI Plugin](add-selinux-support.md#install-config-csi-plugin) procedure. + * If the output is empty, Perform the **Install and configure the Weka CSI Plugin** procedure. If the label was missing and added by you during troubleshooting, the CSI node server component must be restarted on the node.\ Perform the following command to terminate the relevant pod, and another instance will start automatically: -{% code fullWidth="false" %} ``` $ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) $ kubectl delete pod -n csi-wekafs $POD ``` -{% endcode %} -8. Collect CSI node server logs from the matching Kubernetes nodes and contact the [Customer Success Team](https://docs.weka.io/support/getting-support-for-your-weka-system.md#contact-customer-success-team). +8. Collect CSI node server logs from the matching Kubernetes nodes and contact the [Customer Success Team] (https://docs.weka.io/support/getting-support-for-your-weka-system). ``` $ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) From b66375cdf78cb8117f4576d4aaf9df00d7206870 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 12:50:56 +0200 Subject: [PATCH 32/63] Update README.md: fix link --- selinux/README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/selinux/README.md b/selinux/README.md index c607b5fa2..538925da8 100644 --- a/selinux/README.md +++ b/selinux/README.md @@ -153,7 +153,7 @@ $ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep $ kubectl delete pod -n csi-wekafs $POD ``` -8. Collect CSI node server logs from the matching Kubernetes nodes and contact the [Customer Success Team] (https://docs.weka.io/support/getting-support-for-your-weka-system). +8. Collect CSI node server logs from the matching Kubernetes nodes and contact the [Customer Success Team](https://docs.weka.io/support/getting-support-for-your-weka-system). ``` $ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) From 7766d7b190200c1e2b346db4d8674365f3ac62ed Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 21 Nov 2024 13:08:21 +0200 Subject: [PATCH 33/63] Update README.md: fix format --- selinux/README.md | 24 +++++++++++------------- 1 file changed, 11 insertions(+), 13 deletions(-) diff --git a/selinux/README.md b/selinux/README.md index 538925da8..4846a4a3d 100644 --- a/selinux/README.md +++ b/selinux/README.md @@ -141,21 +141,19 @@ $ helm install --upgrade csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespac csi.weka.io/selinux_enabled=true ``` - * If the output is empty, Perform the **Install and configure the Weka CSI Plugin** procedure. + * If the output is empty, Perform the **Install and configure the Weka CSI Plugin** procedure. + If the label is missing and added by you during troubleshooting, the CSI node server component must be restarted on the node.\ + Perform the following command to terminate the relevant pod, and another instance will start automatically: - - If the label was missing and added by you during troubleshooting, the CSI node server component must be restarted on the node.\ - Perform the following command to terminate the relevant pod, and another instance will start automatically: - -``` -$ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) -$ kubectl delete pod -n csi-wekafs $POD -``` + ``` + $ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) + $ kubectl delete pod -n csi-wekafs $POD + ``` 8. Collect CSI node server logs from the matching Kubernetes nodes and contact the [Customer Success Team](https://docs.weka.io/support/getting-support-for-your-weka-system). -``` -$ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) -$ kubectl logs -n csi-wekafs -c wekafs $POD > log.txt -``` + ``` + $ POD=$(kubectl get pod -n csi-wekafs -lcomponent=csi-wekafs-node -o wide | grep -w don-kube-8 | cut -d" " -f1) + $ kubectl logs -n csi-wekafs -c wekafs $POD > log.txt + ``` From 696c1c5900975da997f65a8fd8f9c86b88f77f98 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Wed, 27 Nov 2024 10:09:13 +0200 Subject: [PATCH 34/63] Add the deployment page --- docs/deployment.md | 252 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 252 insertions(+) create mode 100644 docs/deployment.md diff --git a/docs/deployment.md b/docs/deployment.md new file mode 100644 index 000000000..95c80c059 --- /dev/null +++ b/docs/deployment.md @@ -0,0 +1,252 @@ +# Deployment + +You can deploy the WEKA CSI Plugin using the helm chart from the official [WEKA ArtifactHub repository](https://artifacthub.io/packages/helm/csi-wekafs/csi-wekafsplugin). + +## Prerequisites + +Ensure the following prerequisites are met: + +* The privileged mode must be allowed on the Kubernetes cluster. +* The following Kubernetes feature gates must be enabled: DevicePlugins, CSINodeInfo, CSIDriverRegistry, and ExpandCSIVolumes (all these gates are enabled by default). +* A WEKA cluster is installed. +* For snapshot and directory backing, a filesystem must be pre-defined on the WEKA cluster. +* For filesystem backing, a filesystem group must be pre-defined on the WEKA cluster. +* Your workstation has a valid connection to the Kubernetes worker nodes. + +### Prerequisites for using WekaFS transport + +The WEKA client must be installed on the Kubernetes worker nodes. Follow these guidelines: + +* It is recommended to use a WEKA persistent client (a client that is part of the cluster) rather than a stateless client. See [adding-clients-bare-metal.md](../../planning-and-installation/bare-metal/adding-clients-bare-metal.md "mention"). +* If the Kubernetes worker nodes are running on WEKA cluster backends (converged mode), ensure the WEKA processes are running before the `kubelet` process starts. + +### **Prerequisites for Using NFS transport** + +* The WEKA cluster must be installed and properly configured. +* The NFS protocol must be enabled on the WEKA cluster. +* An NFS interface group must be created on the WEKA cluster with at least one floating IP address. For optimal performance and load sharing, it's recommended to assign at least one IP address per protocol node in the cluster. +* NFS interface group IP addresses must be accessible from the Kubernetes cluster nodes. + +### Guidelines for NFS Interface Groups and configuration + +* **Setting the NFS Interface Group**\ + When defining multiple NFS interface groups on WEKA clusters, set the `pluginConfig.mountProtocol.interfaceGroupName` parameter in the `values.yaml` file to specify the desired NFS interface group name. Failure to do so will result in the use of an arbitrary NFS interface group, which may lead to performance or networking issues. +* **Configuring the NFS Client Group**\ + The WEKA CSI Plugin automatically creates an NFS Client group named `WekaCSIPluginClients`. During volume creation or publishing, the Kubernetes node IP address is added to this group. For larger deployments, instead of adding node IP addresses individually (which is more secure), consider defining a CIDR network range for the NFS Client group in the WEKA cluster. Use the `pluginConfig.mountProtocol.nfsClientGroupName` parameter in the `values.yaml` file to specify this group. +* **Manual IP Address Specification**\ + In cloud or on-premises deployments where virtual IP addresses cannot be assigned to the interface group, the WEKA CSI Plugin can still be used with NFS transport. In this case, manually specify the IP addresses of the NFS protocol nodes as NFS target IP addresses (using API secret). Note that automatic failover for NFS connections will not be available, and the failure of a protocol node may disrupt NFS connections. + +## Installation + +### Install CSI Snapshot Controller and Snapshot CRDs + +To enable Kubernetes-controlled snapshots, install the CSI Snapshot Controller and the [CSI external-snapshotter](#user-content-fn-1)[^1] CRD manifests. + +{% hint style="info" %} +On RedHat OpenShift Container Platform (OCP) those definitions might be preinstalled. +{% endhint %} + +1. On the workstation you manage Kubernetes from, clone the CSI external-snapshotter from its GitHub repository. + +``` +git clone https://github.com/kubernetes-csi/external-snapshotter +``` + +2. Switch to the directory created by the Git clone. + +``` +cd external-snapshotter +``` + +3. Create and deploy the proper Custom Resource Definitions for the CSI external-snapshotter. + +``` +kubectl -n kube-system kustomize deploy/kubernetes/snapshot-controller | kubectl create -f - +kubectl kustomize client/config/crd | kubectl create -f - +``` + +### WEKAFS CSI + +1. On the workstation you manage Kubernetes from, add the `csi-wekafs` repository: + +``` +helm repo add csi-wekafs https://weka.github.io/csi-wekafs + +``` + +2. Install the WEKA CSI Plugin. Run the following command: + +``` +helm install csi-wekafs csi-wekafs/csi-wekafsplugin --namespace csi-wekafs --create-namespace + +``` + +{% hint style="info" %} +If you need SELinux support, see the [SELinux support](add-selinux-support.md) section. +{% endhint %} + +
+ +Installation output example + +Once the installation completes successfully, the following output is displayed: + +``` +NAME: csi-wekafs +LAST DEPLOYED: Mon May 29 08:36:19 2023 +NAMESPACE: csi-wekafs +STATUS: deployed +REVISION: 1 +TEST SUITE: None +NOTES: +Thank you for installing csi-wekafs. + +Your release is named csi-wekafs. +The release is installed in namespace csi-wekafs + +To learn more about the release, try: + + $ helm status -n csi-wekafs csi-wekafs + $ helm get all -n csi-wekafs csi-wekafs + +Official Weka CSI Plugin documentation can be found here: https://docs.weka.io/appendix/weka-csi-plugin + +Examples of how to configure a storage class and start using the driver are here: +https://github.com/weka/csi-wekafs/tree/master/examples + +-------------------------------------------------- NOTICE -------------------------------------------------- +| THIS VERSION INTRODUCES SUPPORT FOR ADDITIONAL VOLUME TYPES, AS WELL AS SNAPSHOT AND VOLUME CLONING CAPS | +| TO BETTER UNDERSTAND DIFFERENT TYPES OF VOLUMES AND THEIR IMPLICATIONS, REFER TO THE DOCUMENTATION ABOVE | +| ALSO, IT IS RECOMMENDED TO CAREFULLY GO OVER NEW CONFIGURATION PARAMETERS AND ITS MEANINGS, AS BEHAVIOR | +| OF THE PLUGIN AND ITS REPORTED CAPABILITIES LARGELY DEPEND ON THE CONFIGURATION AND WEKA CLUSTER VERSION | +------------------------------------------------------------------------------------------------------------ + +-------------------------------------------------- WARNING ------------------------------------------------- +| SUPPORT OF LEGACY VOLUMES WITHOUT API BINDING WILL BE REMOVED IN NEXT MAJOR RELEASE OF WEKA CSI PLUGIN. | +| NEW FEATURES RELY ON API CONNECTIVITY TO WEKA CLUSTER AND WILL NOT BE SUPPORTED ON API-UNBOUND VOLUMES. | +| PLEASE MAKE SURE TO MIGRATE ALL EXISTING VOLUMES TO API-BASED SCHEME PRIOR TO NEXT VERSION UPGRADE. | +------------------------------------------------------------------------------------------------------------ + +``` + +
+ +## Upgrade from any previous version to WEKA CSI Plugin v2.0 + +In WEKA CSI Plugin v2.0, the CSIDriver object has undergone changes. Specifically, CSIDriver objects are now immutable. Consequently, the upgrade process involves uninstalling the previous CSI version using Helm and subsequently installing the new version. It is important to note that the uninstall operation does not delete any existing secrets, StorageClasses, or PVC configurations. + +{% hint style="danger" %} +If you plan to upgrade the existing WEKA CSI Plugin and enable directory quota enforcement for already existing volumes, bind the legacy volumes to a single secret. See the [Bind legacy volumes to API](upgrade-legacy-persistent-volumes-for-capacity-enforcement.md#bind-legacy-volumes-to-api) section. +{% endhint %} + +#### 1. Prepare for the upgrade + +1. Uninstall the existing CSI Plugin. Run the following command line: + +``` +helm uninstall csi-wekafs --namespace csi-wekafs +``` + +2. Update the `csi-wekafs` helm repository. Run the following command line: + +``` +helm repo update csi-wekafs + +``` + +3. Download the `csi-wekafs` git repository. + +``` +git clone https://github.com/weka/csi-wekafs.git --branch main --single-branch +``` + +#### 2. Install the upgraded helm release + +Run the following command line: + +``` +helm install csi-wekafs --namespace csi-wekafs csi-wekafs/csi-wekafsplugin + +``` + +## Upgrade from WEKA CSI Plugin WEKA 2.0 forward + +If the WEKA CSI plugin source is v2.0 or higher, follow this workflow. + +#### 1. Update helm repo + +Run the following command line: + +``` +helm repo update csi-wekafs +``` + +#### 2. Update the helm deployment + +Run the following command line: + +``` +helm upgrade --install csi-wekafs --namespace csi-wekafs csi-wekafs/csi-wekafsplugin +``` + +
+ +Output example + +Once the upgrade completes successfully, the following output is displayed: + +``` +Release "csi-wekafs" has been upgraded. Happy Helming! +NAME: csi-wekafs +LAST DEPLOYED: Tue June 2 15:39:01 2023 +NAMESPACE: csi-wekafs +STATUS: deployed +REVISION: 10 +TEST SUITE: None +NOTES: +Thank you for installing csi-wekafsplugin. + +Your release is named csi-wekafs. + +To learn more about the release, try: + + $ helm status csi-wekafs + $ helm get all csi-wekafs + +Official Weka CSI Plugin documentation can be found here: https://docs.weka.io/appendix/weka-csi-plugin + +``` + +
+ +#### 3. Elevate the OpenShift privileges + +If the Kubernetes worker nodes run on RHEL and use OpenShift, elevate the OpenShift privileges for the WEKA CSI Plugin. (RHCoreOS on Kubernetes worker nodes supports NFS connections.) + +To elevate the OpenShift privileges, run the following command lines: + +{% code overflow="wrap" %} +``` +oc create namespace csi-wekafs +oc adm policy add-scc-to-user privileged system:serviceaccount:csi-wekafs:csi-wekafs-node +oc adm policy add-scc-to-user privileged system:serviceaccount:csi-wekafs:csi-wekafs-controller + +``` +{% endcode %} + +#### 4. Delete the CSI Plugin pods + +The CSI Plugin fetches the WEKA filesystem cluster capabilities during the first login to the API endpoint and caches it throughout the login refresh token validity period to improve the efficiency and performance of the plugin. + +However, the WEKA filesystem cluster upgrade might be unnoticed if performed during this time window, continuing to provision new volumes in the legacy mode. + +To expedite the update of the Weka cluster capabilities, it is recommended to delete all the CSI Plugin pods to invalidate the cache. The pods are then restarted. + +Run the following command lines: + +``` +kubectl delete pod -n csi-wekafs -lapp=csi-wekafs-controller +kubectl delete pod -n csi-wekafs -lapp=csi-wekafs-node +``` + +[^1]: The **CSI external-snapshotter** is a sidecar container in Kubernetes. It monitors for `VolumeSnapshot` and `VolumeSnapshotContent` objects and triggers snapshot operations against a CSI endpoint. It’s part of the Kubernetes’ CSI implementation. From ee61c28a1edc427d7ff5a8d096d537715025ef21 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Wed, 27 Nov 2024 10:30:05 +0200 Subject: [PATCH 35/63] Update deployment.md --- docs/deployment.md | 26 +++++++------------------- 1 file changed, 7 insertions(+), 19 deletions(-) diff --git a/docs/deployment.md b/docs/deployment.md index 95c80c059..ddca6316a 100644 --- a/docs/deployment.md +++ b/docs/deployment.md @@ -1,7 +1,5 @@ # Deployment -You can deploy the WEKA CSI Plugin using the helm chart from the official [WEKA ArtifactHub repository](https://artifacthub.io/packages/helm/csi-wekafs/csi-wekafsplugin). - ## Prerequisites Ensure the following prerequisites are met: @@ -17,7 +15,7 @@ Ensure the following prerequisites are met: The WEKA client must be installed on the Kubernetes worker nodes. Follow these guidelines: -* It is recommended to use a WEKA persistent client (a client that is part of the cluster) rather than a stateless client. See [adding-clients-bare-metal.md](../../planning-and-installation/bare-metal/adding-clients-bare-metal.md "mention"). +* It is recommended to use a WEKA persistent client (a client that is part of the cluster) rather than a stateless client. See [Add clients to an on-premises WEKA cluster](https://docs.weka.io/planning-and-installation/bare-metal/adding-clients-bare-metal). * If the Kubernetes worker nodes are running on WEKA cluster backends (converged mode), ensure the WEKA processes are running before the `kubelet` process starts. ### **Prerequisites for Using NFS transport** @@ -40,11 +38,10 @@ The WEKA client must be installed on the Kubernetes worker nodes. Follow these g ### Install CSI Snapshot Controller and Snapshot CRDs -To enable Kubernetes-controlled snapshots, install the CSI Snapshot Controller and the [CSI external-snapshotter](#user-content-fn-1)[^1] CRD manifests. +To enable Kubernetes-controlled snapshots, install the CSI Snapshot Controller and the CSI external-snapshotter CRD manifests. +**Note**: The CSI external-snapshotter is a sidecar container in Kubernetes. It monitors for VolumeSnapshot and VolumeSnapshotContent objects and triggers snapshot operations against a CSI endpoint. It’s part of the Kubernetes’ CSI implementation. -{% hint style="info" %} -On RedHat OpenShift Container Platform (OCP) those definitions might be preinstalled. -{% endhint %} +**Note**: On RedHat OpenShift Container Platform (OCP) those definitions might be preinstalled. 1. On the workstation you manage Kubernetes from, clone the CSI external-snapshotter from its GitHub repository. @@ -81,9 +78,7 @@ helm install csi-wekafs csi-wekafs/csi-wekafsplugin --namespace csi-wekafs --cre ``` -{% hint style="info" %} -If you need SELinux support, see the [SELinux support](add-selinux-support.md) section. -{% endhint %} +**Note**: If you need SELinux support, see the [SELinux](../selinux/readme.md) section.
@@ -109,10 +104,7 @@ To learn more about the release, try: $ helm status -n csi-wekafs csi-wekafs $ helm get all -n csi-wekafs csi-wekafs -Official Weka CSI Plugin documentation can be found here: https://docs.weka.io/appendix/weka-csi-plugin - -Examples of how to configure a storage class and start using the driver are here: -https://github.com/weka/csi-wekafs/tree/master/examples +To configure a storage class and start using the driver, see the [Examples](../examples/readme.md) section. -------------------------------------------------- NOTICE -------------------------------------------------- | THIS VERSION INTRODUCES SUPPORT FOR ADDITIONAL VOLUME TYPES, AS WELL AS SNAPSHOT AND VOLUME CLONING CAPS | @@ -135,9 +127,7 @@ https://github.com/weka/csi-wekafs/tree/master/examples In WEKA CSI Plugin v2.0, the CSIDriver object has undergone changes. Specifically, CSIDriver objects are now immutable. Consequently, the upgrade process involves uninstalling the previous CSI version using Helm and subsequently installing the new version. It is important to note that the uninstall operation does not delete any existing secrets, StorageClasses, or PVC configurations. -{% hint style="danger" %} -If you plan to upgrade the existing WEKA CSI Plugin and enable directory quota enforcement for already existing volumes, bind the legacy volumes to a single secret. See the [Bind legacy volumes to API](upgrade-legacy-persistent-volumes-for-capacity-enforcement.md#bind-legacy-volumes-to-api) section. -{% endhint %} +**Warning**: If you plan to upgrade the existing WEKA CSI Plugin and enable directory quota enforcement for already existing volumes, bind the legacy volumes to a single secret. See the [Bind legacy volumes to API](../migration/upgrade-legacy-pv.md) section. #### 1. Prepare for the upgrade @@ -225,14 +215,12 @@ If the Kubernetes worker nodes run on RHEL and use OpenShift, elevate the OpenSh To elevate the OpenShift privileges, run the following command lines: -{% code overflow="wrap" %} ``` oc create namespace csi-wekafs oc adm policy add-scc-to-user privileged system:serviceaccount:csi-wekafs:csi-wekafs-node oc adm policy add-scc-to-user privileged system:serviceaccount:csi-wekafs:csi-wekafs-controller ``` -{% endcode %} #### 4. Delete the CSI Plugin pods From be0907fbd45bdfbd681738ea1c7f486f396d8488 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Wed, 27 Nov 2024 10:34:55 +0200 Subject: [PATCH 36/63] Update deployment.md --- docs/deployment.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/deployment.md b/docs/deployment.md index ddca6316a..cc754a89c 100644 --- a/docs/deployment.md +++ b/docs/deployment.md @@ -78,7 +78,7 @@ helm install csi-wekafs csi-wekafs/csi-wekafsplugin --namespace csi-wekafs --cre ``` -**Note**: If you need SELinux support, see the [SELinux](../selinux/readme.md) section. +**Note**: If you need SELinux support, see the [SELinux](../selinux/README.md) section.
@@ -104,7 +104,7 @@ To learn more about the release, try: $ helm status -n csi-wekafs csi-wekafs $ helm get all -n csi-wekafs csi-wekafs -To configure a storage class and start using the driver, see the [Examples](../examples/readme.md) section. +To configure a storage class and start using the driver, see the [Examples](../examples/README.md) section. -------------------------------------------------- NOTICE -------------------------------------------------- | THIS VERSION INTRODUCES SUPPORT FOR ADDITIONAL VOLUME TYPES, AS WELL AS SNAPSHOT AND VOLUME CLONING CAPS | From 45dd87445ff0e1483e3451f767a2a6c21534d1e6 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Wed, 27 Nov 2024 10:38:02 +0200 Subject: [PATCH 37/63] Update deployment.md --- docs/deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/deployment.md b/docs/deployment.md index cc754a89c..916bffd7e 100644 --- a/docs/deployment.md +++ b/docs/deployment.md @@ -104,7 +104,7 @@ To learn more about the release, try: $ helm status -n csi-wekafs csi-wekafs $ helm get all -n csi-wekafs csi-wekafs -To configure a storage class and start using the driver, see the [Examples](../examples/README.md) section. +To configure a storage class and start using the driver, see the [Examples](../examples/) directory. -------------------------------------------------- NOTICE -------------------------------------------------- | THIS VERSION INTRODUCES SUPPORT FOR ADDITIONAL VOLUME TYPES, AS WELL AS SNAPSHOT AND VOLUME CLONING CAPS | From 0c87443cc257c1f8eaddefb7bf3e97065ac12f7c Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Wed, 27 Nov 2024 10:40:20 +0200 Subject: [PATCH 38/63] Update deployment.md --- docs/deployment.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/deployment.md b/docs/deployment.md index 916bffd7e..429a51d5f 100644 --- a/docs/deployment.md +++ b/docs/deployment.md @@ -203,8 +203,6 @@ To learn more about the release, try: $ helm status csi-wekafs $ helm get all csi-wekafs -Official Weka CSI Plugin documentation can be found here: https://docs.weka.io/appendix/weka-csi-plugin - ```
From 90bc16d13d7b0f731b9237c61407b300e1e5ca1c Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Wed, 27 Nov 2024 11:49:04 +0200 Subject: [PATCH 39/63] Update README.md: removed references to the official doc docs.weka.io now only includes a one-page overview. There is no point in referring to it. --- charts/csi-wekafsplugin/README.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 3ddf2b028..2c11280a1 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -36,16 +36,12 @@ helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafs > > However, for sake of more convenient migration, a `legacySecretName` parameter can be set that will > bind existing legacy volumes to a Weka cluster API and allow volume expansion. -> -> For further information, refer [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) + ## Usage - [Deploy an Example application](https://github.com/weka/csi-wekafs/blob/master/docs/usage.md) - [SELinux Support & Installation Notes](https://github.com/weka/csi-wekafs/blob/master/selinux/README.md) -## Additional Documentation -- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) - ## Values | Key | Type | Default | Description | From 397786884c3e3227c9d7371c6b070333a69ac0e3 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Thu, 28 Nov 2024 19:05:28 +0200 Subject: [PATCH 40/63] Update README.md: reworded some sentences --- charts/csi-wekafsplugin/README.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/charts/csi-wekafsplugin/README.md b/charts/csi-wekafsplugin/README.md index 2c11280a1..4659568e2 100644 --- a/charts/csi-wekafsplugin/README.md +++ b/charts/csi-wekafsplugin/README.md @@ -15,9 +15,9 @@ https://github.com/weka/csi-wekafs | WekaIO, Inc. | | | ## Pre-requisite -- Kubernetes cluster of version 1.18 and up, 1.19 and up recommended -- Helm v3 must be installed and configured properly -- Weka system pre-configured and Weka client installed and registered in cluster for each Kubernetes node +- **Kubernetes cluster**: Version 1.18 or later (version 1.19 or later is recommended). +- **Helm**: Helm v3 must be installed and properly configured. +- **WEKA system**: The WEKA system must be pre-configured, with the WEKA client installed and registered on each Kubernetes node within the cluster. ## Deployment ```shell @@ -25,17 +25,17 @@ helm repo add csi-wekafs https://weka.github.io/csi-wekafs helm install csi-wekafsplugin csi-wekafs/csi-wekafsplugin --namespace csi-wekafsplugin --create-namespace [--set selinuxSupport=] ``` -> **NOTE:** Since version 0.8.0, Weka CSI plugin supports installation on SELinux-enabled Kubernetes clusters -> Refer to [SELinux Support & Installation Notes](https://github.com/weka/csi-wekafs/blob/master/selinux/README.md) for additional information +> **NOTE:** As of version 0.8.0, the WEKA CSI plugin supports installation on Kubernetes clusters with SELinux enabled. +> For more details, refer to the [SELinux Support & Installation Notes](https://github.com/weka/csi-wekafs/blob/master/selinux/README.md). -> **NOTE:** Since version 0.7.0, Weka CSI plugin transitions to API-based deployment model which requires API -> connectivity and credentials parameters to be set in Storage Class. +> **NOTE:** Starting with version 0.7.0, the WEKA CSI plugin adopts an API-based deployment model. +> This model requires API connectivity and the configuration of credential parameters within the Storage Class. > -> Kubernetes does not allow storage class modification for existing volumes, hence the -> recommended upgrade process is re-deploying new persistent volumes based on new storage class format. +> Kubernetes does not support modifying the storage class of existing volumes. +> Therefore, the recommended upgrade process involves re-deploying new persistent volumes using the updated storage class format. > -> However, for sake of more convenient migration, a `legacySecretName` parameter can be set that will -> bind existing legacy volumes to a Weka cluster API and allow volume expansion. +> To facilitate a smoother migration process, the legacySecretName parameter can be configured. +> This parameter binds existing legacy volumes to the Weka Cluster API, enabling volume expansion. ## Usage From 65f462616cef818cf88b403c80f319e5e41cc421 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 11:34:28 +0200 Subject: [PATCH 41/63] Update README.md.gotmpl Removed the reference to the official doc. --- README.md.gotmpl | 3 --- 1 file changed, 3 deletions(-) diff --git a/README.md.gotmpl b/README.md.gotmpl index ef6a3a47c..1d0da8a81 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -25,9 +25,6 @@ - [SELinux Support & Installation Notes](selinux/README.md) - [Using Weka CSI Plugin with NFS transport](docs/NFS.md) -## Additional Documentation -- [Official Weka CSI Plugin documentation](https://docs.weka.io/appendices/weka-csi-plugin) - ## Building the binaries If you want to build the driver yourself, you can do so with the following command from the root directory: From 8e72f7dc9e4f97f295da3932d2292f3a71a691eb Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 11:53:45 +0200 Subject: [PATCH 42/63] Update NFS.md Added > to warning and note --- docs/NFS.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/docs/NFS.md b/docs/NFS.md index 0b7a76739..0fb8d288b 100644 --- a/docs/NFS.md +++ b/docs/NFS.md @@ -13,8 +13,8 @@ While using the native WekaFS driver as the storage connectivity layer is the re ### Limitations and constraints -**Warning**: -As of version 2.5.0 and until further notice, publishing snapshot-backed volumes via NFS transport is not recommended. This is an open issue currently under investigation. +>**Warning**: +>As of version 2.5.0 and until further notice, publishing snapshot-backed volumes via NFS transport is not recommended. This is an open issue currently under investigation. * **Feature parity**: Certain features and capabilities available with the native WekaFS driver may be absent when using the WEKA CSI Plugin with NFS transport. * **Complexity**: NFS transport necessitates additional configuration on the WEKA cluster and may require further networking setup on the Kubernetes cluster. @@ -140,8 +140,8 @@ Before using the WEKA CSI Plugin with NFS transport, prepare the WEKA cluster fo In cloud deployments where setting a Group IP address is impossible, you can use the WEKA server IP addresses instead. In this case, set the IP addresses through the API secret to replace the Group IP addresses. This configuration can be done by providing the `nfsTargetIps` parameter in the API secret. For more details, see [API secret example](../examples/common/csi-wekafs-api-secret.yaml). -**Note**: -Using an NFS load balancer that redirects NFS connections to multiple WEKA servers (also known as NFSv4 directory referrals) is not supported. +>**Note**: +>Using an NFS load balancer that redirects NFS connections to multiple WEKA servers (also known as NFSv4 directory referrals) is not supported. ## Install the WEKA CSI Plugin with NFS transport From 6c82443a35be84fd657034475bd88dea81f851b4 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 11:54:54 +0200 Subject: [PATCH 43/63] Update NFS.md Added > before a warning --- docs/NFS.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/NFS.md b/docs/NFS.md index 0fb8d288b..72ec5f859 100644 --- a/docs/NFS.md +++ b/docs/NFS.md @@ -124,11 +124,11 @@ The WEKA CSI Plugin requires specific NFS permissions, which it automatically co 7. **User Squash**: `None` 8. **Authentication Types**: `NONE`, `SYS` -**Warning**: -WEKA NFS servers evaluate permissions based on the order in the permissions list. -If multiple permissions match the IP address of the Kubernetes node and filesystem, a conflict may occur. -Therefore, it is strongly recommended not to create additional permissions for the same filesystem. -Additionally, if multiple client groups are used, ensure that the IP addresses of the groups do not overlap. +>**Warning**: +>WEKA NFS servers evaluate permissions based on the order in the permissions list. +>If multiple permissions match the IP address of the Kubernetes node and filesystem, a conflict may occur. +>Therefore, it is strongly recommended not to create additional permissions for the same filesystem. +>Additionally, if multiple client groups are used, ensure that the IP addresses of the groups do not overlap. ## WEKA cluster preparation From 935a53c7a563176e94e344d6a838c3f7d5ce9550 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 12:16:06 +0200 Subject: [PATCH 44/63] Update NFS.md Added a link to installation with NFS --- docs/NFS.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/docs/NFS.md b/docs/NFS.md index 72ec5f859..e01d5ccde 100644 --- a/docs/NFS.md +++ b/docs/NFS.md @@ -38,7 +38,10 @@ The WEKA CSI Plugin with NFS transport is fully interoperable with the native We #### Mount options -The WEKA CSI Plugin automatically sets mount options for NFS transport. When custom mount options are specified in the storage class, the WEKA CSI Plugin translates them into NFS alternatives. Any unknown or unsupported mount options are ignored. +The WEKA CSI Plugin automatically sets mount options for NFS transport. When custom mount options are specified in the storage class, the WEKA CSI Plugin translates them into NFS alternatives. +>**Note**: +>To customize mount behavior, always specify options in the storage class. The WEKA CSI Plugin ensures compatibility by translating these options to NFS-supported alternatives. +>Directly setting NFS mount options is not supported. Any unknown or unsupported mount options are ignored. #### QoS and performance @@ -94,7 +97,7 @@ Upon starting, the WEKA CSI Plugin performs the following steps: 2. **NFS failback check**: * If the WEKA client is not set up, the plugin checks if NFS failback is enabled or if NFS use is forced. * If NFS failback is enabled, the plugin uses NFS transport for volume provisioning and publishing. - * If NFS failback is disabled, the plugin does not start and logs an error message. See the section to enable NFS failback. + * If NFS failback is disabled, the plugin does not start and logs an error message. To enable NFS failback, see [Install the WEKA CSI Plugin with NFS transport](#install-the-weka-csi-plugin-with-nfs-transport). The plugin uses NFS transport for all volume operations when NFS mode is enabled. For any volume creation or publishing request, the WEKA CSI plugin performs the following: From 350572d53f3bffec76770dd33c15d80f0a6f1166 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 12:25:56 +0200 Subject: [PATCH 45/63] Update migrate-legacy-csi-volumes.sh Added: Specify the port if the host is not connected to the cluster. --- migration/migrate-legacy-csi-volumes.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/migration/migrate-legacy-csi-volumes.sh b/migration/migrate-legacy-csi-volumes.sh index f2bc994de..b70f477c7 100755 --- a/migration/migrate-legacy-csi-volumes.sh +++ b/migration/migrate-legacy-csi-volumes.sh @@ -31,7 +31,7 @@ Optional parameters: -------------------- --debug Execute with debug level logging --csi-volumes-dir Assume CSI volumes are stored in different directory on the filesystem. Default is "csi-volumes" ---endpoint-address API_ADDRESS:PORT of a WEKA backend server for stateless clients. +--endpoint-address API_ADDRESS:PORT of a WEKA backend server for stateless clients. Specify the port if the host is not connected to the cluster. DELIM } From 4bde91554de9ba11b2eb7375e5bb9e47bcbb287a Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 12:36:38 +0200 Subject: [PATCH 46/63] Update upgrade-legacy-pv.md Added to the note: This fallback mode of version **0.7.0** is discouraged as it will be deprecated and removed starting with CSI 3.0. --- migration/upgrade-legacy-pv.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/migration/upgrade-legacy-pv.md b/migration/upgrade-legacy-pv.md index 3b2ea74a6..b6f18ebf3 100644 --- a/migration/upgrade-legacy-pv.md +++ b/migration/upgrade-legacy-pv.md @@ -14,8 +14,9 @@ Kubernetes does not allow modifying the StorageClass parameters; hence every vol WEKA CSI Plugin **0.7.0** provides a unique configuration mode in which legacy volumes can be bound to a single secret, referring to a single WEKA cluster API connection parameters. In this configuration mode, every request to serve, such as create, delete, and expand, a legacy Persistent Volume (or Persistent Volume Claim) that originates from a Legacy Storage Class (without reference to an API secret) communicates to that cluster. -**Note**: -Volumes provisioned by the CSI Plugin of version **0.7.0** in the API-based communication model, but on older versions of the WEKA cluster (below version **3.13.0**), are still in legacy mode. However, because the storage class already contains the secret reference, specifying the `legacyVolumeSecretName` parameter is unnecessary, and you can safely skip to the **Migrate legacy volumes** procedure below. +>**Note**: +>* This fallback mode of version **0.7.0** is discouraged as it will be deprecated and removed starting with CSI 3.0. +>* Volumes provisioned by the CSI Plugin of version **0.7.0** in the API-based communication model, but on older versions of the WEKA cluster (below version **3.13.0**), are still in legacy mode. However, because the storage class already contains the secret reference, specifying the `legacyVolumeSecretName` parameter is unnecessary, and you can safely skip to the **Migrate legacy volumes** procedure below. To bind legacy volumes to a single secret, perform the following: @@ -32,8 +33,8 @@ helm upgrade csi-wekafs --namespace csi-wekafs csi-wekafs/csi-wekafsplugin \ ``` -**Warning**: -If you do not create the Kubernetes secret before executing the helm upgrade, the CSI Plugin components remain `Pending` after the upgrade. +>**Warning**: +>If you do not create the Kubernetes secret before executing the helm upgrade, the CSI Plugin components remain `Pending` after the upgrade. ## Migrate legacy volumes @@ -70,8 +71,8 @@ Where: * ``: Specifies the filesystem name on which the CSI volumes are located. * ``: Optional parameter. Specifies the directory in the filesystem where the CSI volumes are stored. Set this parameter only if the directory differs from default values. -**Note**: -On a stateless client, you must specify the `--endpoint-address` to successfully mount a filesystem. However, if the container is part of the WEKA cluster (either client or backend), this is not necessary. +>**Note**: +>On a stateless client, you must specify the `--endpoint-address` to successfully mount a filesystem. However, if the container is part of the WEKA cluster (either client or backend), this is not necessary. Example: From 453b4dfec2c16e8f8091498ba57abc3e969c713d Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 12:45:42 +0200 Subject: [PATCH 47/63] Update README.md Updated the intro with: - This section applies to ... - The purpose of this section ... --- selinux/README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/selinux/README.md b/selinux/README.md index 4846a4a3d..9b4964d64 100644 --- a/selinux/README.md +++ b/selinux/README.md @@ -1,7 +1,11 @@ # Add SELinux support ## Overview -Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC). +Security-Enhanced Linux (SELinux) is a Linux kernel security module designed to enforce access control security policies, including Mandatory Access Controls (MAC). + +This section applies exclusively to SELinux-enabled deployments that are not based on the Red Hat OpenShift Container Platform (OCP). In OCP environments, all required configurations are automatically handled. + +The purpose of this section is to address permission issues that prevent containers from accessing objects stored on the WEKA cluster. To add SELinux support, perform the following procedures: From 94b55f3fcc10d1c30f16cbfd6bff4fb39f462160 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 12:48:33 +0200 Subject: [PATCH 48/63] Update storage-class-configurations.md Added > before notes --- docs/storage-class-configurations.md | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index a5bf466bd..909955e20 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -26,7 +26,8 @@ Adhere to the following: * Snapshot quota integration requires WEKA cluster version **4.2** and higher. * Authenticated mounts for filesystems set with `auth-required=true`, and filesystems in the non-root organization, require WEKA cluster version **3.14.0** and higher. -**Note**: The legacy communication model is deprecated and will be removed in the next release. If you are using the legacy communication model, replacing it with the API-based one is recommended. +>**Note**: +>The legacy communication model is deprecated and will be removed in the next release. If you are using the legacy communication model, replacing it with the API-based one is recommended. ## Prerequisites @@ -103,7 +104,8 @@ csi-wekafs-api-secret Opaque 5 7m
-**Note**: To provision CSI volumes on filesystems residing in non-root organizations or filesystems, set with `auth-required=true`. A CSI Plugin of version **0.8.4** and higher and WEKA cluster version **3.14** and higher are required. +>**Note**: +>To provision CSI volumes on filesystems residing in non-root organizations or filesystems, set with `auth-required=true`. A CSI Plugin of version **0.8.4** and higher and WEKA cluster version **3.14** and higher are required. #### Secret data parameters @@ -125,7 +127,8 @@ k8s worker nodes connected to multiple WEKA clusters 2. Create secret data files for each WEKA cluster. In the `localContainerName` set the relevant client container name. For example, for client 1 set the name of the client container connected to cluster 1. 3. Configure storage classes using the relevant secret data file. -**Note**: Filesystem names used for k8s (defined in the storage classes) must be unique across all clusters. +>**Note**: +>Filesystem names used for k8s (defined in the storage classes) must be unique across all clusters. **Related topic** From c4ea5fa4fcb89fc8df15aa06d9da9cf22d21504e Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Mon, 16 Dec 2024 13:30:27 +0200 Subject: [PATCH 49/63] Update upgrade-legacy-pv.md Reworded the note about volumes provisioned in 0.7.0. --- migration/upgrade-legacy-pv.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/migration/upgrade-legacy-pv.md b/migration/upgrade-legacy-pv.md index b6f18ebf3..788851a4c 100644 --- a/migration/upgrade-legacy-pv.md +++ b/migration/upgrade-legacy-pv.md @@ -12,11 +12,11 @@ In the API-based communication model, Kubernetes StorageClass refers to a secret Kubernetes does not allow modifying the StorageClass parameters; hence every volume created with the legacy-model storage class never reports its credentials. -WEKA CSI Plugin **0.7.0** provides a unique configuration mode in which legacy volumes can be bound to a single secret, referring to a single WEKA cluster API connection parameters. In this configuration mode, every request to serve, such as create, delete, and expand, a legacy Persistent Volume (or Persistent Volume Claim) that originates from a Legacy Storage Class (without reference to an API secret) communicates to that cluster. +The Weka CSI Plugin 0.7.0 includes a configuration mode that binds legacy volumes to a single secret, which refers to the WekaFS cluster API connection parameters. In this mode, all requests to manage (create, delete, expand, etc.) legacy Persistent Volumes (PVs) or Persistent Volume Claims (PVCs) from a Legacy Storage Class (without an API secret reference) are directed to that cluster. >**Note**: >* This fallback mode of version **0.7.0** is discouraged as it will be deprecated and removed starting with CSI 3.0. ->* Volumes provisioned by the CSI Plugin of version **0.7.0** in the API-based communication model, but on older versions of the WEKA cluster (below version **3.13.0**), are still in legacy mode. However, because the storage class already contains the secret reference, specifying the `legacyVolumeSecretName` parameter is unnecessary, and you can safely skip to the **Migrate legacy volumes** procedure below. +>* Volumes provisioned by the CSI Plugin of version **0.7.0** in the API-based communication modelon Weka cluster versions earlier than 3.13.0 are still provisioned in legacy mode. The storage class already includes the secret reference. As a result, specifying the `legacyVolumeSecretName` parameter is unnecessary. You can proceed to [Migrate legacy volumes](#migrate-legacy-volumes). To bind legacy volumes to a single secret, perform the following: From 3b086b2a8dfc7281adfea8f9c31395efec3ddd38 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 17 Dec 2024 11:25:40 +0200 Subject: [PATCH 50/63] Add CSI-k8s-wekafs-nfs Replacing the image: k8s-multiple-clusters.png --- docs/csi-images/ CSI-k8s-wekafs-nfs.png | Bin 0 -> 85721 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 docs/csi-images/ CSI-k8s-wekafs-nfs.png diff --git a/docs/csi-images/ CSI-k8s-wekafs-nfs.png b/docs/csi-images/ CSI-k8s-wekafs-nfs.png new file mode 100644 index 0000000000000000000000000000000000000000..0517beaab7898c604d63365f28dbd6e8ce57844b GIT binary patch literal 85721 zcmb4rWmsHI(l#={;DZKt2^L&}TX1&^4DRm19fBvgli= znAd?tm;0MgP{L5s;v#Au&_^E;G6;Xp`t2Uh62JNFbvoZi3=2=lQg8$QBwvJh7D9zq z9IS+e0zK_@I?4r(V!(5^*ikW=BpbgAG`gIP_3f< zN}K1`wRK@k0JMlO2n6`gB@#GOo1*Xq5hl=|j0_0;_XP1XY_-oGS( zZ~(ywAK=W$DgM%83y_18N}xgc%~kM48A3J@8Ce@Gi$|b5*k&sNLhlR;Ou(&zFm#Ps z33)!!Kg9Ehkb&6URSLFnUZ38H5&(Xbupt`-edYO|l?V6(!=dm&1fKs(J2(`wNV6iT zjQ`$^Kw)8kxIYRon*YCc4l)~ym@q(!U5!fNzjsuGj101T_+SYVajbx+hns2kaelFM zF5AyE3k10#Tx}Oa3@%#(@dR`RNPj7OJ&xZJkck?-I$@py17Yq*?R~{gf86LN&XD@v zk}o?AGu8P%eZt93PnV4qxW<#u;!hoWzf06|+Wug%*%z&TF*8SM{i`CM(5@+9XDm}! zx74CppWSRE$KdHev(B&we%O;L_wRbn!#l6`r}s16S0e5T`oC`oKMMDCR)s*_WxqUz z4Gj(LwOx*>a%Ktn31<2|-_5l9c-=p&z9`(?-EnxFf$z7I4T=mpd}k^?@_pLN4cnWP zB+XA`&{Qc@$TZ5ySNZUFgGVr+ULKZKp9?&QRj6oaRF)cS_oLXyax}_yQq4cFYn?rL zo&HFch$T7Re6T>nMo7t9aqK4+Y!|d&;s12A>^_U6FkK+8o)yX5u4SmUMDB6B9yaSY z1NTNxX{nT;&UX*%t%&daJ}m(YSa_n&bvxIB%(#ly{dn<%dA1K%et!NWiNqtiye?$sp$aS`hk7Sw&G%QQ8h0d^)2#gf|0tB-bW##jXm4o+7e5HV~;91)i>^ zT{fe+Rr+IyEq6vz>)|s`J6^KJ1a9>DcX)Ih&qlddZx;)25GEEyl*B#Gf4;H2JzEFx zV`5_NwVt+rA7<{*E7!SW8;T}Vf(3@d*T4&x4^ohWj0)V=I-xm{kEik@DG&%ngWG)` zN*LPN*w|)#JUyG4(W0)OZdMBgysnjQPL^jeJtA?LyvP5bCJlF$k;R#rnilVcAitSP zw{I`T!{W#W79rHZfGk*5uRZu>Jm9dFo1JN0j~CTv8{JP==%139bZ6N3@LmopJ1Wew zetmQ&-rm|O+Pz2Ke!S^;QJ1?7Kp;_a73LErH6<1JlmL%LB=t+*tGv>8T=1dHC`aJa zl@h_y(UHxki$Pkt_wTjelveOA7Z+y9j0?T+8{QGIOQgVBjKs01>AK{mJi#)9Uk5VC zSNj%JvQYbf+$vEoEs{^?LaM}|l-TQcdgby+pq|g4*@GVv7u+izLGONCsk9t7EbZ-P z`!#5Zj?x6}Bhj4Q{C1AjA^(ic$^H|12>wN0US9pNK_m!XO-H9hs-fwqx z@cc?6ujb?Uv`PB1H+jxzQtaY)+e50xn94&FMP`^o->}*2~T%A!s39{W zlF_->9Qn1??wH%oMA2^(#=>^T1#U8Sucj3>PlYUMiCe-r!#(m~kdsNW61?JWPFhc| z&rGz0O58Xb8mp=%dUPaa$0|FXTV!;yu0DPGbD&O*#!uoMfrCc>yw(+z<@dNrnicu3 zWuS-af~0Pe@rBbFP=!Xj=Y;=z5^|?fAxE>&Bnk zZ1B&3!ltHqSl{0@rm_YLrJ9x3zdd&|NgfNyw2l=Y5jHvi{7ITy-rM_x#vL7h=5&$5 zbnSo4vYU?)Wr}|+uY*JE`lYNGMXDk0QJ|2i6LLx^&+`<0RnH38d_Pg6hTO%bCd-Jy z8RKt81yUhP(er!yQ^0Y4QCL{W&<7omZ`c!>wNPvRFm*BV5m7y@*q^Q%e)8tGM~}|? z56GenF#07Bl8c+-DJAc}Y-|T~_7Qp{#D(7nI9@Vp<#)-V!uNB@eAc!Q!4So@=20h@ zk?a>MG8+B7<HXI9&RZ)2k&dT*!40IZ&l&B4)70+39&0_aP^YJVa{pK_9 z#W2@adySZU967e(xA2>6O@ah4x9uWFBB@JHsuaNzp_HS4U}f8d%m?&ttXq6$)6&(o zkH9t7w(f5<6(ADwHPI%3#%~+ulUY%n_zx-go zC6^Adeg9{Xj!i$H*4aUt44RziA6Cr1uN!1|;~3CWehIVPt7-AzBzOq~Gl!%3YAa6D zr8m?m7JXq1_Ic;5NaeGwFV7E&Ak}iH4j@p{BlTS6e5&-*KFg9MF$-*n1H!tJ^+_lH zxsesQ+?z0Mk`3~NgJir~L*t2a(rk<7_eI<#&>x1eEl2-)$H@&=8Aq?Ucp__ zc2uyDOP8dC697gjwHms8z!{&n5F99Au%bXjCAq~4=5K)03=&a%41C>w!&?0DseD;= zK?}OB?=1Mw7sJfzM8R)+1MDgGYJ%kH<4;1~=quf^q|QL|bNr6Tv$KEuvunL4OklG= zR+Hn;7S5xDVosO+M2z3_Wp)eitVf-%lImyJ1oZaEPq&I^^-#_3r~2sWCUon{#)Yhn zQ`yflh|4rSvrl6M@>w4uaf>Z1!jx$rCCM#5b=~ux>DsQzLxJ~8rc(AQH{4jZS=6$eLtCzBkD?5%cmSW&tqe*Xb1vsKgd?t&j!&6>KIaOfG4sF##9 zq{M_7Uz?qk(bZDYu;g<;DXX|gHa&z&R|L$7-X27^^gLq)ggCe+GDF;ys?g3F(_w7V zSA$r7i)E8WE0>bPX6%dzbChlv8IEq9rbcvIz{-CyKq;8+m`TciUN^0vI;aHS-C(;k z^JiL7NL>^6txs#Z;U;RjT-IAm>+u=qTITtn+A10IEYE@q^vF+LzTPuM%76z~espXC zZo4v@R_#4a|7PFtw=PH#Y?A9EK(X?(IJ!AYtdLDs_Ril8|;N=3ewq6DEOxL7tf)^&SP!#3Z z?tO@nz8mLo*;7g!9|+<^^$9V@oFAuL69S|wb7nV8;XcyBylJwUez7fLM&3&cK2U6Z zI%c4Pw-fh|3Q%CvIEU=W56p_SIRraGm(I12PPoluh=l4lpReO{R2Rq}>xlE}PieH` zc+wQ;8Fc!b*Wy$;I$@}zB#x%xau_jAnLJcQcCoY@zl8%sC z#_WsLP32q;Iob&N;`Wp^Z@yO|_drxqPx~?Axaq#EGpdJwysmcO{TSJw; zV#zan9TH}8-kjwZiOF9V78tha>>CRVf_?@7(maXJ$qm`jL}1A?fH-eM+=PUC4CPEo7V`yRoqN=; z0jv*z49`#-yPcfXvve?`AW@oH=bOBJoi%6g`%Ec#6(aEdn=U^~U1n3lLwWnLq&G2aPjXaHM*Ho1ZLIJ z8gNE5u`h5QuRHKt36`5SAuLw|STe7mi(LwRiT;kO47|&kRSjh`Qs8Ft&~MyNwsE@! zmx%k0xr$FEIhuhByXzPh24%4Nl2wgGwqH&*vD7{Edz6x`2!RbvAO_Dp0%?Qg#hJ<% zdSpUhkO!hcvzM^nUW;*UEZ3N3#MW?_{~0MM_N?6oKH-nz-X>&1sA~L}PnA{dNy(pa z(0gg#H)#Y!;_5@6pY<;8I!V|Uu(V8e_X)M7J5(E^tU1q5gmn%Ve?C3WQ);#eU?8#~ z6Bpbp5I#fg4e02W2l-O&eG066bt{K{pzD3>;tSPgv94U14?=yvb~qn0#=v6b&b=j`X2|_|F&dRBZC=LTLerq0|g|dxr+{3qQ z8o%*2tI5NOdl)jhB9E^Ng-{>44&8f=o#_w!!Szgxd-UE_3-ETCb#KtY-dzSP#=E9;>p_fS^}U!FIDo3dH1ot+i>`5Ux7+>BS_kU2>gdekNW8o-A?Btp)da$X zd==5q-BjbBqLtN8lm!pKxQ~Zr(Ne;)Tgv!b=pZ4p5B(a%>l&r0 z2K6dk8$4em)2|s%^~?6O^8kaoXa=OhZ!#dO1+X;ri2&UxEI&BI?toec8I|IE>E+9Y-i$Gc5O7j}@x?1k%OE{LE(#>tyW?N@D9U^<@_l z1|K5D&p}{*TIihf&Js)yT!~w$zkmkWA`tk380FDs9F(tfR25Pj#Y#p(^RACtH{}$J zkKfR@2(P@mj!05XmhZ-W$ddxom9?nFCFfq{ZNvCx-?O_&E(|DLFwMdt;{M_Kk9D^jBR*oP9bh>+qfMO<|)ej5&=d$X9w9d3kT zsE04c^JF`sse2N1o*^SdSD)XYg8pxurxO7EBcSUgUYkEy!mmqtH)uJ}@9br>|57** z^CGEZn7B0&Joj#ky;SITGMuyF4)Z|hH+u;}(N9$%lsA6R^2x@y_7b$e zpJ%oSE6tklL)45H!M2n8S2UzgOExGW)2l5RTFn}neLrQ&^RxaJN2?$wgUPd=KsNk0 zO|NK=5f%hpGp=3DoBQv;D_(`u`&~Bjgw| z?K}!Jx@1xk1`f_Tn)xIqH8qV=;61g$|Iw;M2m$_TxUK?c0*18p8R@Slo+(Z1tYqn! zR`tFq?JvKJ_|za@K=TKSjx(f4KQR0Yo8Dh=l7&J^UqMYvO~Et^AhYHAvn~NpLVFk~ z5x&(9|2iYQa3V!HB~({+TzzyadgA1U>xZkmZ^m_ja8kXLZJc36?&(y#)>80)4pT%& z329Uatf@c5U2RaVLP!I3028X$Jg!p0+>V&@7Z^TU>;^bl%~HinT*(z|rqd{Ed=j8m z>SGq2x=4H7sWfrTA+&I)t)B02+atGH4tfUS?6_~HKimG?I#-j5!Fhk~e3yjzOq82t ztFnIuZOM^?#V%>~1swA&4h2~K3K|CReipV&4MW>ao}Lphy_($+y?0WECT1$JIU=mZ z+Pezacd>fmuv%h_I54MqtC}-}?L-UYk%XXvyLd8)h7?eJjh^mwOv_rL?7qAb)^4AY zOT}<5FXt%kJ*`gb4(?z z{s_T;#TyLrP>$2)o4&6!f z-6F9p)$H{b&7w_qHKb?CM7|v@qLC^Ml0%kWj{@zHH}9E~;Jct9da3bd`jIoFZai>p zZxv#21bR5XZbo+akqF*26evx!m#D+ z9A<+fV}YmjXA8n5zWXH}czQ0*_W{$GILV=y90GNzr~{2-8`{@0W-%YXSb~$)4kl?* zbvTSfR5Yw%L>SK@Jf|d!@pd!+;P_$4k~;l}(WL7<%=H=|`Lc6t$oz)%NlDmQ^UYLT zg{6y8Blb=r-OPQ{r#5Tdlzbum3qGD#K)GKsD>MS?xAYOelEg3<4nx;@fBlELU5EFH z2ez}gLqYJ4F7_){qw9RQNH=Fw@i)=(4s3e;_f6JF ze=M^_kJD(Y!y=WMx0}hV&G{a*9Lm99;ZqAGdN17{K;>B8$6EjwmhH ztT+88NgI=lGummVb4km8*|EsqcdO;fGQFE%5PPLLbLfO=K0gF6&bnxe{`J%V&}ZY( zHdyT@u*fkT*po)>BxcMw>%q`RJ2pgK#VO5o;kc})$i(xfc3ENVI!F@}MXtze0JE_FaESWE5IrO{ZRV7SPCM)932b-ma zD3G2zk;(d{138nSt%W-mKWQ(DllVA?6?7}*Fg-{FV~RouAMxNgWvdq0Yn@ z-x_pm^Nxy|U!R3dRlcqI0xRZD;iTFrZIF=A@3)fp(^9^&pIahViY+x?os`jykTU#- zfuAUlGwhSooNfOs>Y+E>3bUG`E-Z9b=4qgxIu70Rb#VtbNtJ}1gQfGkcT3<`C=s`t zb+(m(AS^o>i_r#^maROwm53A*T^?5z(m{q-1rJ5jM5wjN6DIHCt79Nlni9K%>yfbB z_|c^f)tD#nyHGjh9m&1jEUQjSakwv7HRn0gV``Zp8ctfS#ng6*w9?~+3C5%?77F25 zsP`R(Sv6@*>QU?w9;p~!v67ygUX~`Tw$bPZ6RD{xrp2$i66{SCOayb^3;wV#(54lU zi^0$$Li9A*H=w`jJ0te&M)TcE71#J0?Ov1Lmh)W&d_bPrVQJxyRo;TJi7-N!>u9B( zQ$FiOD5k3K*z&MU4)yi#5X!xL21ZxiX}un055<|`t4ND?-`$FqGB0sCI=3w zh#cd=RZsoUC-tN%_|W z55831b2@h7yWZf2eos{U6MpV=niIJ~S8p9u8^&KY%=sIb4bd)DX*Ir@h{T3w$cqX? ztQ=x?e~oojaOaLdew~{n9ZragGHwgc84K`}7H0oDE5Mn`ZESF6V-2-?CxbG{K?GK3 z!>R1|9scTMGN1*-w$Dfna54hcvM~gIf^RHvo!AcO$Q>wK^9Gm!k) zN(A+0nta8KQUzz>avPabpNe}KCL}nBk7j+EUM8I_fflvnSIVdKYkgZitpkGu*XjXMw$Icx`%Cl{U&x|Xp~wV&sf%t#CP?>pW?&w!7Dnx5ueBJ zZS>>Hnmp{Qy@AKd*U2<6d48vZ_K+17(E(y`&I{Uu@)HQbD$Bue9d7)0KdmAWt<~Gg zkS`l*7e*IA*UR%{r6l>RFLGwjMFO%jyNFj2%PI?pfXP(aJcdfV%X#FV{ru-Ey^D&| zVx1}DXr^xj)2|cGR9ye4=kr%E0}N(_f@q&18B|DuFE0vK7r0fEiE7pqAW9;nC{IH$ zN16ESAnnugvfVSp74}18Vz$t1DjKUMQK`uMXO+BO`@$iAqw_Eoud8rNT8Q8IG%K!} zY$|@i1qxrPN{Y5w9u0^nSm+_0=IS=A`D)Sq4sa7ApL)0AW#}VVz>o+=cS&)_hDRcF zOQwUaaa72`#$a(p<_J;cC|ONpq(3|`?W&#L54mzjFF6bznPVz{{D z_({3J{hRb-HFJ;C9Z6b010FJ6^k<8+wPQ6s9DZBV|G4yl_Ici9T{-_qM`iToxp0_Z z0#6VPS9X^Bc^6!dC_uBkbQ>4iGxCdl$^?Ij^wi_&RefBy^|*=o>vatO)@Djsykw7= zauYNYnEMqqZDK4Uvn zM0%?V3CP%{Q%@z*nop(%O(*VvU=B{-4Jb?E8kzZY4WQ&_21ifMj9=`fn}*ER#ipGt z5`R!rO6d{`!MBq8YdAO~JE8R>7SyYC7qc<1K0VyMf1J(g;;)Fa{Xu$1rpZJo#^AY$ zug%e*_z9;YisfgQS;nll#
XDBWv1B0s2_@;Ua)tq<%MzDNYUEQ|n$fy>Y7IKu$q#^9&YzSjV#_aGnVz+-lu0sT4*EeOUKCt>JW|fKSW(e&o|^(=+(z^!Lzr zn|GW7&42UWN~%DAdnf=1`U&-|SXtPVd+?&q=1a(cw@$2O&lef|RP7?WJM0FS2aQH#lS^`_hK)5V;` zOvd=Agm5aKcBgkjavduyIt_mbiVd*NP?8n(C_`=mU$5vNC1wSJ2D&+{*N&SQXVav2 zMjigFyxiw=V?mqF{`!z#9P1kci@TDpDr{es(-`{$?C(rnJ;%BPP6nNLtbj;4SjW-BvkBCKi8;jD%eM3sUJyaM>`!WchRfZH_*(6TZ zITzB@D@tIC0S&YuG>o#fivIW`&ZR-SH^#iY67aR#EcsAjSfv$#oZ}#Fq=8QYnhmFK zoyDOHI4>8JpK{n|UOj3|{YGp7Y$I`;KZdo};--neEja=GiH!FjdG3t=uJwVAwcd~8 z8>}6IJr;ULvg`-==V0{|^j*^Ln(c#{zBUZa6xB*vcbYLCzzAOd)o%0CT7&J$qSn2M`7qqm$7?!1}ZdK4ToI6~Bsu zk;zyCMZ|&s6!f^Oj+zijg7=A%s#<}F(A34BrFh)vLt6X~mHpgO!iz6WzswL!bLALK z8;wwRJ$u+iTRJC9D@|9w^urv5&RG5x#6V#xP$ztXEkao$z!0sJImP1;N}ngRK2+9^4B58g08s(Ckd5 z0>VVS3K&YaC={A?b&n@Qt4kH;TG9r#e(0neGNBQe5Rn{PlvGcp^LT9ATaeSn1$;Rj ze(dRDF%ngS&#bz+P&q$$?yImAaN0$s+?U)YOX$X@)!lb;#OjmM%vM{6*-*>M7d1Cr z#`#kw{)@!lFj*CVR{cbF1S|(wU^5dX4(@RNnWt-#Ox*?}wz*DIwM27w>v?_Ra@`So zb9I0UkYcj>1SeG)2h6RNEj4LL{h|NcMWP{XAh}8jX$7%8IWw#CIzF{s`cqMh?c%7p z8^XCA27L#Ar7kcW)nxf#oWLHH!&i46PJvaUN(=yWrLB?83}pla7O%f8`(<7o&$UWA zI9`BATUFIRJORRE-p*WjnpeQ=wp3gxE*E2V`{jJTC#Rqp+j5SG{K=D05~Dl!R<&&j zG~!0_@WHxkc;hX4-wr7g|4w@RVa;RZ_BLW&fV*c826NKFUx<`U2@6;h9mcP{Yyv;@x-~B1TMamoWxrY8QnN&8CAp{7Q*p zG4xBQvEx>1Cxh@>D(!h*D-P)v)G1DGcNXQm|G-x}4N)2m9Z<*+&G_M4h#x#R8B<+H=+q~Q=^lWEq zqgH=;w@v+)(U|mbh_5Y`TQ=MtU;^lMe+gT@hcOH8s7gm_0H-jQ9&DvL$UYLq(>p;&Zacp3n0fW z$-k#-QyLL;&~Q|1#u1)xnc*Id&uK&Z>%0Kx#|X?f9$ahqY)e!=31Tvq zcS~xb%%dZ_atjj+m;+26K(m zBBq~hGHzG|6rkDmVg8Ri+%#e$@$h(6zlcBbXFa!<@33wfjTR|+c$&IgD8Ha-8N5em zr@`M*lLptDuAAT&tcu|+b0&#K_z)dMQHd_PJBgrO1HE!XwddfOU) z(!JiguL&6-48{kjue(8>rghQs_M&hOwL7Rkc6B!ev*knG&K4H>pjwaJcX7|+!v<%* zM<-i~SOnV-JlSN=2ilU3lg95mZwC$jksMKdvL$l7(DXHYkDL&3fStCvfQG3sA{KHS zCIh5B0O$8NVezX8dg|YRiXL|>yllVXe!zpiMbRCWZPz#^jUIt>BC&Dit$_+(utR8X zFbkb+vHZ5ET~vxB;St9@Wzls8HC`0U`gK|oEo+394ZM5JbuHPD8KTXITy7rvd6b(+ z9vWIlim9n29BjatSFxfo)Y|x?A|#MH(flva7aR#iGY*=ovLRw~z_j5N_wU0f<+$C0 zLRfduoD1WAHa$nPBCfNgoZ3)J+a#o&q&qr6fIb5jV*tS>a`b8T{yWE5@9^8-2 z09_yk@w%1A-AER^E#RtnGb8{5yuX{{?FeF!^nTz7cGBbPun>S#NE~RTiJC8hhmR{C+;aTc21XR^YGT~dR_^P2kqr1VJY^So+B_U|3BJO;K zy1@o7&IP(h02K!Q(SaaKKoxIIfad!$_?JOuxqzxo0=Jms7+H<4b{WyA50b=dKs`QU zX0sK9=VDln5Ql&UQ$>1fk>LayOdYw~E_G+SDw&;nt>$X%l)}pGdN)>@aI^99$r@U3SD=a~tgPzFo%?+!$Iv8Ncj~V$TX8bneDf|TKYBjI z(-9pBVBB%a-98&Vc2s+2paUf|H})+atl8A&?UC&f_;)`H4M3Zb5)R3_S)S)(E;PH< zM8e-kBFPRF3o`r3 zh8w)%(yQ(0rP~wNwyU~*Zc#f6Yhfs8J$#pP_`dk-3WcakTxOaUaPi0}7~L6W`h2Mo z#~bX`hPSB6SZ}H~^_m_7mLh20C!&BnbCtd0x#w(ls1N(vMBpXKMIHFF6q^E=sEIbL z_OWHTzAB951RUW4YyB7xI~x!P-5!tqmD~&wmqcnZl^E=TW~F&9r2k1|;K8JLkeb$J z$lKUqy#-&OIFmN*ypO5>yo)xhBuzfgxt*Bi$e+uF{AnuM{8*dv?y%PBHZNVplwhVk zRkI4#Cll@QjZ0N;v?BU7gC)u?%lOEqJRc8MtAEJ+6xqdAfxu6f;L*^kZ^2H~y|k~0 zj(JDevK3?GWA`ww+3+v0%9(ViF`!GSYQb!IOy%D3BP)A@IA>&E0lrOm^KojB+ED5H z{w99Y)t*{?U|3je!4%c?#{wUTdrgq+h=Vz_CN2*t;r`kq;i3YtO!b|0CroKFS8x~V zV?f+OrO#(xOq3Xx8zM7OGqW+L)SikJ9hn}l>i5lV1v>`NcYkqz;S^wJk{4mN;AV%h z&YS5>bV(jtaLa}|h>Z2T?;w)3lM3O)n`J$8&Vd#=q6y)pElTn1U}(R~fbUX5*xN<8 zJyG}bf`MJYM!;IwEqDqwnkHDvM~?9#%Jji0!^Js)vtZE<%iO%uNGRbsH;$Xs&X8{a zjj65fDSPAM?iJLw=}rh^$%T;8)TbAD%ZgO|=1HzYTdU zAAlH15||Gog=@V1jNlDa=gbJPX}T~?E3k2ls*zcBwxpZ~`JUlMoBtDMw;$y#-R~1H z4njAjLSq*>GSAe+@KcFOzz#;Kz$)XWYO_{mG0id#mi>I5L4Q9v+F{l=n@RU7rTgi7 zOhKF|bR%%#Ruyf(8Q}y67Fq6Guxu{I50&yI1o#}ZiJz^WoLvA6Gt( z6Z8{5#Fmu!cip)u*FJpSW@L#uN-Z#JZB!g8uqHKT%Hy)wB8v80fKNBAvmHlLc=>(x z-RkSepUqlt7&5Z~9!Hvv@MfzIohK*hcTt))6#;9AW&+vx6>h?4@SnAL<{FWM=5MJ8 z3pZLE{s|M;paLk8h#QZ7>ag_wEP=*44e^G88L_XzcUVs|GOa}w!sb$>S$oFxO#o{O(o@x(m$2AunwMYK6MkI==EfTcxW3tV+GF)T=`#Ym>O z;j$0^nRw(J9NI=dB5*WwrOmQE71(gS48p(OHfFbco9%Nvs#_7m!?@Gp|DLil2H}}} z6t79fpE)ZN{W#60h2eLygx%jn6A%k}o^|drjWTUVuO?Tke8t~Sw6th<7FjDL*o)00 zz4PSIv5nkuQB%?<9lC2W^pBJ(p|LRRx@VS)A4{b_%>^PyM^;L?hNnZ{AMlD=(8piA z#8X+EJV8%9HBS_~%Y(xkJQ*To)ph$ak+odQ^&% z#xM1;6KtYE;iSO-(A;B2XjD+ZWQ0WrR6#zwyD*NEGf)Gh;)bzndGq2f@`EZ^F zMP5|%0Oc^7h6j@FK=NB!7&H%$^y!|lM`yuuWEe`Ax~Ql5V9AFhaUzZc+8fzFwhp}j zgKVjw-690JU?qf2IG$9ej4#?F3ApjVVChDp3Ln3!Os-9|OS zUktATFa4*ZKDXsCcXH8plSB&T{Hlwewj1i%tUjuAA>14?5YxD2!0!7Xc$5?rU%#`x z!#6fqVD_g6i=w*pG^rTDg84L9qI2Z2A>uv9pB;&Wuj{jKpWEuiGtaF|q?`KhesvtZ z)nGSf%oiH;e0Fg3ktv=p19A&@_?*OD*cTu*-p&T2_MQG)B7mWlzrLU&(_i%sb4kOF(eK(5uTw-D=Z{rCU%h>5$_M#{&CuZ6*W}#o z$xD?kde4!*O}|Iat=!6cysVk}*!plyp$3CYBPg1%1@^i$;QVi*B!4?WAdvD| ziJk42y--B$8LFig5Mucnz1#fL*+cWu&dBgXmDv3`Awl(UtxNusSeoVZB}0r?dD%+t zcT*cLUo~5^UWrua`Jane++1qyj`1b_$s;d!*BIMrqfIXQ+JSc;VH=EJP?2Ma(;{Ca zor5mMpl)t;e0_dG0ZLG=ZrbxNPV%!oK zy9CKD^CE|MH*hldu-L1$4^>5i1c$GjP^XL|%%2a8?jLl+5-FW}wNWkGj+_RIPzWYz z)yJIbk<#+8AQkaTK;iHnvkuw*glT8?3vWUVQ5+y)??Tx}Ir%Y4kGxJxwm$Z%^;2B8 zSbQ5S?Xf8;fQ-Y;C;mghFXQcAjmagZr;NTa{#eauRpwEJg2UfWHL&RgOGvbCyGte^ z$n#|97+w4F5^jz37v5I@#kI-Vy2f&XD26mcq4jnqa9_5^SRCwu-kv@z*gp@-NTsif z2it&X46l~owjR)Nv=BRp#dmtMq^6!Tw^i@7zd;Xi+^KI&z%FpaMDD-}&7;dzOJ>si zn@+I83}DQn+69N0yT=UlRBJO#2ylZbSuIou{ zMyuFXZOtoCpXG$NQX*}HL-?U=eog${(N0!l$y>&Cj4*CU5HhIeS0@%o2KAa@a0C-V z6B&4{grh9Fr(}lN(_h^A)~SH$WBKRVjrKpCe-gxvOr?zavEGRrnCGtjJ|MYRKt`(f zod~02p<@&&ir*o)jv1&E$V>kbF zD;seQlEWptmnnIE_3}-*xfw&Ntz6Mp?W!QRT3Axk@K`_piSV`*mmYy}WcC<($?fO; zz^72=p{|cpdp7!9VRvzm$eB{fr+1$g(*Gbz2DOw$(#CKWsJ!n|loK^qZLH0h8;k^& zf?XgZl5`l|{TQmM&sX+a3Y^-)gq-hS61j%1DXiN|$n z^p0|>7};775+6xG4uRtv`Hdl^|H5fpMe%3+_A6Tw(oCE*_I0AU!9tUg@2v&Q@6=9c z$;J#VAHZ4eyWpJ9YbeL#9(M>FmBwLP!?%0P8R&%c9QG+A=B|ac*KF#eePa2^yMH6d z830U5E7~q4)J^pbuxV*w6w8DG>vU5~skfIfkcuOM{Z0wt+8}qV5?;|ZVN{grauf49 z(CzK2m)*6S{^C1xRI0J1_6W}8Adf%r{nXvK0&1P-VNAE-^OvEfQ(!L6Ko&@eAqxd0 zaf5-{+!!JZf7%zS$if)kCM1-N_6DFK7O0%nJ=W>y%aF1BT$lBf5h8+PnQZe`Wu%cZ z8`4%ZzLotLtXPkzA_eP)#SviZE^%IvI>O=}6Q;~5{hGH9^rr??U3o9&xGeSr{`R^= zew!@s83>nh615gYwASWzSAeP0v#VrmNdUbl`jXn%?6%*TqGl_oRVPrz{TjY)^Y$GQcu-V)#|2 zY9esFq7RXc#}l5``FMRaavfkn^y`>0m+?A>^^3fp=(#Actf#ebGF6P-yKp&JOmV6Y z0fwzI90ID#Ff3I|I7~(CduzDjGwp05j|THuAa!gQqc)x}<>T;Up%uJGQM25-i!(n? zU%1({%8EdshiypW30Nl*tS=~!2=L6gpw|CuwJgXcK4&@^bf@26lblaXjfMo+VtHm| z3}fw*F1+XAh|8@Ddv@(N>&YjS*$doe!qHI z+=onIVd*vqPSf;Rc-&3eWg*37@kJTY78N{>in_t)d@&nyh*~CHhoxadSFl^?1#E3J zv@^l&>{)le`NFC_Q@U|0R_lUE3+euZv`Z3+V+V+5RiPR3Wj-~hj+Dhrk<3Z7V5HS{ zz2}H^SV8V_g5*kG%VQ(}RobQ=_BJJh-};4ysBN&X(9htSKilGE0*;3C+v#p;K4d() zP8P`#tW10T&c*ulrSXK4j4RHyBli1B_tgxbUU?@9%i*`-RTy5377;hu$64|qTi<`g zUnw1Q!=m(5J2J29bUvx@@XJ~0QjTn z^R{@)B$QsUWHW&eybscZb4;0I<_No}cWQ+HP}~axquo}#Q}dN=e{023Z`nf88_NRQ zzM?sN-+Wk_y_!YO>I3mMX@iD~*m4;_fvM^Kit%6$DW=uBJ(|a|fPv6YktA7~=Un6; zSFAc%7)wxmy^sC2sas>Gzj;ngm$y+WS9ffvVCU#YIgkvD1C7t55&y-d0c0`GS9{7k z?&TyWAUMFAtFIF6y*A+usT^v#%(y?0>J{dzwdE9L`=@!78nDQzXkz&8YueV@Y4eWx zO0-A*PK7gjF)S%Hg9r$S0FBSOopZJwdD zs~G56P6vIGL>uCj&zUNe`fb=+H;{t7nv0qX1R#Lrc&Vw#fNgg8^VHSd)LzJ z#-W1fQPZHu$17&_x6X+mzy$XIJiHvGm|GkX(J0qq?RwKMz74@=BJ94%{HrUrmlB5U zJf>eiHk#{~zu^ZP4m~TnziR6*N(tdhFgk>XkJo9Mt?&YV>3fD~FdFFhsO5S5weSaM zFbL=*c~etUEz@L{(&evypw6}5xp;Z zpsFy4_i^p;RgW_qsxB6Y{Du+4WP-ZE_yICncv%GeYb^6>{o!<)f%%8Hsi~=Jq2bgQ zok++%^$pe=jYboK2V^?0*~Pzw7Qm=ZSw^0unzbg^Lydd8xw1~g?FcduIYa?Of#Ou; zOh6Nhk{{D7$T>0pwjGLe5(O~nHcaehdvAE%A~Bo(3O*zyg>J?G;Jr#L-V6bNjGv%B zw#DdM2&582{a;7XcJ|v@&5kF}aQXfZhu`z#0V1^oDEzgpR{|tQS7HW&EMatw{Yo-G)R4g-)PrZIqYyy*82 z{#_fih<{OVX6UNt&GL}#co?a-ur8OqMpaZcOF$Z@eZ_{evojqnt>hXefFcGm7e<&G z6867)xUEP6e4p+y1c6mJzhJgf%`-pvFl<=2gFko1QPfOnv&xjgV?ee}6{9UjYhH)ijVMZewDa+5fasKVrP)UKAd} zY!KqVX#G#6=)Y@f11u<%tUzRkgP3j{xv{!BMwWz)9}QXwV!m3`y+}5FpXl;{8SRM` zEcw3uk5wlF3+L38joiq(89wC1r4ziCgAxEVKR3icDSY#^I+(G-uVX1zEG|wGrucg} z;i`bFr_~n=LB*zOOS9dvOhN4D^Ish*5@rQXWWKAXeu@-I_c`(DKngP1c?^K+=bBh3 zh1{;{kbrJeO+AcNU?}Im{|jI*{$KD_GBApSJ#?-@TdY*G{M)y06r}L7$?x(#op)81 zxNOBeu5u~3<6mV`ijsbNK?15DHw|u5FfEtD@zozZ1-k4nCWfMu+98Pr!K3cAAv1IM z(8RyyX(0u}m~Un9F+|AXa8>GJF#-$0 z|1cluD2;%(*5n@^@K`PK$zH2(f`C^i%jxiF1Zw%F@@X8o5$4$+sTF)7HKhNh>Ah&D z0W#g9q@;t48RU*|SU|XDp6^4>cjQ2b$B0OR_6(<($`*1KAu+J5P-mT+JQdI6EnlU` z*(IX?YmXPSZd~&N?S8<`i+I9?;~mjeIc1AoJ@?!mZ*gT%d%ZwR7Xk5%_MXn8z2j6P zu5=2GvoQBbUkGg3Zx8g037eUSB4vbW46MWf@C8^!%?ji{fOh@nhjIJ5A)Ip^YJ=_w zXCFK}s4=>F$Y!sW#r|XNp@|;P-cpnCfr5iu+%Lp2lUl!z`2FYCE4;RqqwR3AwE{%M z6LpFl5_iq8Wkx4YwE{WeXm(e=1g<6`H3Aam$A}e(aeP{bO<&=prUTZXY^E>D)`%5@ z@I9IWs>NDj4s06zj6t+Zr~W<9j*%4~$(1;N*}W`|hG~wA=u4goGfve%tiYJNR4s#( zD`3B|zJGVL(ffq?_1JZy!wn&?Zy$vG1z0Z~?jr9We1->9LQN56_|2RSyNDr=5JbPS z2Y=wqu$%#|wO3!TyNV~|n4HJUJNyjV!_{D&7mB$}2)dbrR@*X>Yra5xZ&7Cbw3#zj z0X{m*bk84yk3zSlkg*@ghPMcR=)!?^+C?WfBUQkQfj+8QuTT9oIc)uv22$ntQIa`6 zsNGfk7xb9he#@+o-K6V9*s(_Da?T;VeE(y2m)GIetTS7|QF~)dwbKN6$+$=Qg{R1# z(TFJ0mCJ2%eUwr7y63H{P!oml&icR@8SKinEPy{+DlDSXw#9D3WnM#)2X4PLF0P+U zqoF?}NYE*$;D8Uo=TIYaGos>q1MmL-qv;$N;|jMf9NV^?v}w@TMq}G{GO^XzR%6>X zn>4l?+t%cp-h014FlWv_`{iDHJ?rtzZt+kk$2_|#C>}9306XIYOI@zM-(Nav9^x>o zg1RWkNxAa~8*E|WbU zViM1~nYz3s&lsV*KaG4{!+PtxSD24NP(4_dt6MNlCVCPe=iaWa2l3$#xL)U#{l-Jw zm~4w1_q#R4zJxhK+NT%i*>5@OgiC?ulD>XL@sctrW9*hpvT^DsPpzpMX~ zk8)%qQ97)t*RDcsJd&(oANxl1}>i5 z00UMi3Jq@ruP&ldhq;zgxZhkSr{~$;2-^ja1BY*f^kOYdJcImuv;w^{I=meyyhv|m+lFvMo@g`PX`4X+y4{y>ABU+6`CJu*GIBIes?!2b}=Qu(j zU)B)J)48Od^>J2IE)PYx?09Q)jmp?l*e+W#Ka}*fG`6}E)(k9mBy znLpVTyJnqKQqchl`{Jr_%3hQp5BNAJVtWIhz7^EHdY~8~gxk9&&NK@!*#XhHy&{VI znV#a*vi)_xXPGm3#QnS{kflWxSl8*vci4VC^>1=|v*tP4uPoQ;6j(g&egAFJWb&!r z@e(Ac_)+zf-51!|WPaCReS$XIISk2p(|LM!*0)4{pRDuy>`B#8L?b0Di$!D(R(xUljW;=)muVp)i23P&aX-s zUTH1e$M@*Cs`)N-?t#g=>km~ zn3aa1-%BCwaWFpfj6;n_zz7Qegr=I!lhNOEgS^F?<6MQ07TINc0h&`8U*Tmeu&4wS zR?ydhb!|aTh0Kg~Y*>jg|GiOQqmFBm4H|=GvF=c*I>D4MCu<*+17OaDaT|Fj>N>>p z-{Au37!_A~+$p_o5UbajkC&_i{9?u|P47WW~>&-18}Q0p&{(sHS- zfE(8v=-luJdd#y*$!E7&P#wp(jW=}teP)wcMMArTQ$0A=CcLNdjpUEkZHo1_Gfu(i zFT5TwtF#*HJo{X5$ca{z+qIfT%*<3m^TZi=Jy=iC58AAS1za;ilVr3g*T-hQE>P|x z)MgqLyNL%N!50M!V>g@|UJsFND*AH>XPxDB%j^4azK$Vh_HChWq6LY~^dLXZT-%C$ z&M(xeRVDCdx8@Ro3z4KsZ?)}U*0%_IY^dr=eg)u+L>QV|~7R`D0z@GtwbCE#8DiOs5jd^4aOi6?NWfaJrBsm^P%uXzZx7Sz6=3J)V<_ zqz55$W2MN3Evpp*l(4hvs%xP2=_4*33A<9MrQX>_SJN&%1^}Aa)M4cQxF!boqaUM= z$@s60z=!gdx%`=Rt*izQL6r5ip;pRc$2lQcZi8l?d@TH)l{)u+U@#w&fcr8sJdm>e zDzn{VfoW$nX}pe;qMGh&f-Ti6RH1GMPz5{_oR7E%IBLZjgyk7E(p`Qo3`*!4!Ah99|kX@OgJ72 z*D0I5Z;Bm`@2(+_*lF1F706MGjc*RXI0q}QIeHB=0dsHw}DbUcC)9 zFs2MIf2>V`MwTGgQPaF=?yGjDH+}|J3ASlYy@sxrrP(e#kANdT_v{2mE3P$-NG9rw zg()r>`X-Enc#u^LpOso~FEn>JTJ=?ZFMDB?0l5*tBDws#t!}jz4|Rkb*Vmae3+s_8}?QAaC81u+=mEb!ndDWh*w!ik{s-qiGKT?`D+W}8hk6u&Enn{3Wp?B*HF;b<7rLjOOY;}&__X&if zR!pRUe3Ku9znzRQ8^SFh8DsqFuAT7%QJ=OR|6aeD+CY{UCL#wa9G7|s&%v+vM}9#QE+bI$`-beh|a*2___nX&QOO2}4G>Lb{$y>pCa(c29?IW*Nareg+?(DjO zyvoGJt7l53%ikgGU`D@)0`yJKmjjgv0n(l_TlhHnov`wl?8ks#`(ddtQuPw|d9 z<=8!oZ=`*VdT*`saw;^lsl;bix9zR--*GqO!n#qIewC=Oh z%Yj4KknTUlKF+B2Qb!6GGSiNTX>J;H%b%j_u#gg$=0&<>8ftk+8Yn)>3ZJnKJu9>-em&$k8g(?~Lf zOObMi6!`9k&)t1o+07B3ww9+H*_^%f+EStg}i~N{ot0A&THzV@B>< zLRl`~z!vMVu0m?4Av0-X}FlZUiRogz{H7>rM>L^o;(QQ?p&6i6UvDNoBodbmiF zbk1ny{hBs7)axN}9SEriGJ@u`nyG_#2(sFFW4B*uI(<`0_{uxj8SJ^;uh;Zz6FOrD z>22)521oJikhsji9Y+lR2%JAmNp>sH_j-)vF_){*di7m5u2r=CE%_SOdF8lpFGhoM z5@%9-{_XQ4!M^9-Z+vPj->#E$?vvjO`Q!9geR7t6TZ13=1LxuQ?jyim>Yx4h(ittz z$Ks^g^D(zn*%cggLQ9}pu>f6zOgDoi-k#$XBKDr$bPq8@h11}k&%@bhOAcJSWZd(v zs@SlGxVpiD-tv3QCL;3F_nl;;t<78S$E)k%7kj|rw;G@w+>txeoNM7!&s38Wro8`i zscT_%ndruB^K9++9Ozxmdr>=V2v5b=UZS1%7T&zU{GHsTuX6i$%#7LF@*ym=S3Q^= zHAZHw{qN>K=V?cpc6N(62EKK-cQN80Flin(`}5UrOP@ZC1#WGwxp?BQzrEWm@zKn| zEeWaT>-5Y0>H@v@Q$%RbG#jdqcFvB=+H4o)bEI@D{p8`rXInb-FHyB|(be2*bIcIo zZV84!6cJ*MZluF)I8xuqi52i~_T#+m^`0K0mZ6{5hC#+`%VsO>KV>J`n^Qw7*53+L>5-b^`(-l0LNyr#h4jDYLGmM_U%}`}vJ?LxB?820m|#Op z1jG@exrL+U$s32TqWi z%(s{74MS|0pKhCg76U8Q=1K-f2;WNAwx>1!Sp~-4QnfSO`759=HUGy^9G3(2Us9ua z*f3P{o+1G?c#O&HPjn+nd72QiUa-!Q)XBBErJOUX$q}=n&@U#ekn|=^w^z^WHlOk< z<-jyrf6?u!&p*pF2CaFSDQeY;2BWzwhZJ7tz~xE-!~{9q6C)$V?JS%=RByMN*Am^{ z7Ym+)@vrAPtXT*vlC(tG+X64si>DUngqvZra3`^3rdy#sqS@29T)crEnDcrq+BEj@LKQjz(ti*LfP>VmEeF5w{WIC-Sv@ z6+J`w%m_XPv`xuZ4nu;RKE+=h2haESNUq-L&1n)u-S+MX-M_hrul<3Wl8aZowLnC> z?d}YPY5F{QyUuxPi%lW9x+*>Niu)9NyGE}4>hRh`16=C|f-+mi7vgNvN--UX$B3mLb$K4PaWiJ{M#<0QXFv3|@q*K?h%aXF;@B_z@u&)A2fGY6f z1Ly6O*&777D0Pu3kFlWYECyMwhgsxlOTMrCEj;S)-@nTX?Ml zyXWf)2B<*O5cMQiR`=Eo^=mHuj=K|HqjM3%(h>X3ZSH~PCuZg;fx56G=-AgZ5JD7q zu=LlF!W8PHC_av8rg;w6{C=;-pD3EX6A$vqau+G^`h@dyO4V~UdD@O-&H+gStoiz9 z0&TPk1eNXtyVXjz7vQj1WzeN)PW0xJq$d?Ry&|^iZ2)*BQ+sXor)1sZu{`bOXL`mx zP=k5S&c8cc;ALC+^?tn-`-V-v0^oRA9rHv8feAJCBHNSS{pQXfSA4^Lx!!vEXW+;{ z>sxo+*4rs`adpTUc^jJc%>+d=_i2Dq5Yp@9gLa{`p$v-0Y=8Csx|`W6PG{lXaq)?#-aq@sGtWC`d0?^W1Lu}o zZa2K9e$z-@3?za|&)J_7bW@D7B+-D9l4VZQ2^Rf?Tnhl*6fu5!+RaoyTA)ebr@jtU z@xjJ4%V9n^&IzKNo+FG{I$)h`+_W)CA_}S-6gNHp?ZHSwOFQ($B<^Zy zL4s{aHI&j}wb4)Dq5r(V*7My*LG8)KbZ+6#uKI)A-YkjjFYk#x&zE`?qmMasPjBLE zSUE}Ze8E#ZFUAZ^JR`D?geUX0+eI1M{!*XTKBONHQ{_FFcFB$Rk*}5=BV1Ui$@|sb z$_NI?uFI|}P=)sg;U)Q(JL($8Kcmto?>XM2UPo!R(Ep_NNvx54-j@8x5P4ou)qJo& zP9#P~p%sxhu7H-`38+bshNUqC4xy`a80aqyfi8==R!hnmY-4j%G+U1)ymgaPQf^?P zeVX63F6ek+D%y%PiG9-!O7+-{EnTIIUbrZ~Btg$cf-5DU%Qjb_bRlK=pO^8NPk(X= zQg+WZDC1-zz`3&8_pp?(Y!$}TVTb%|a)NYYHeLA^1jvgs1C>gD#R1uD7#-pGrn|s7B!V;IwF3jNE+o>;%$0s`A4h1KCGq|0b~yhf&GSc zC1giE``0=fZeB)O!xR;*te*-qhUko+jhRX`BjOafQw5lKB}Q~pdrerKr{KGT!-%AR|u3GL>y>04DXJx4IvjudivP28&w@TA0ft3LwG;~`TU zCZ2U|xiE4&EopN2-hWVw;Sx=hGHc03%oJj-+rREqkX+-2xU=PBPfzZC)XyDgb`Y%D z(07w3{3|4gb#E5f^f8_5w4M@~0PNz#!}ci7fzcu`pz+5z5sxyGTxcf0tnUMh?8ctA zi3UO3B^A4N3bvO{ge#914yqxYQmzAtn--g$lxAD4%B=u985;A1r2L}GTf7P13s!Am z*Mi(GHfx$1xO|TuD@#@J;ai+U=s`;hH>gO}EaMRRGFZ(siV3PYAUASW(zr+2FKVm4 z97KXy;lp+g#F#;-)hP-Z$NtV=a&y|PVp-Mi{IKE7&Em@Uzxb(XTN})?j$=?$LP#6O!#0RGDOf8+=xmQ?X(aR^RZYRFv6_yK zW*ZXrqWOyu&v1oTtyW}&>Zjq$TanS;;wZw7)NHfJL^=)42>~J6RCllwQ4-g%q4(g) zl(m&z%W?vmWs-Swhvc^bV(>W%G<#4qEhEt^eJ!<#AkCq9PARhhcIJ2L+rs9YYmqXY z;+*=SLXA!&OjFgs2>IrM_isKUM3EWI zKG?Sj_V<2F@)^>EzTVAa(uEQD&Aw{*k0Bbpb(2{u9lIqB@Ev7+NzKs9{s4NS+2)88 zLiWY@1}%fqy#Xa}$j9tZSd_K1vMG*}4&nJpC!>5=NZR@c76gDe9F!5Ps~bCq5bpq} z_{CZXuLPbugU!GNF@Y>RQymDJ9c+SEg>#5aU5^f26^$gX0w6nTVxkm(kdL{vf<{mc zAv<_CWry(V*L_M@lU1c0ljs^9JLFaWehjWYuFDXi5r$#!ajS1)g^z!*!7+k2=7iiu z;h^qOV48~EGF)pRGiw%>>E+GwG-F%>QZ9f_Yxl00d`w3JjI*#M95D+IEaVz?N4>hir2wp& zTk>iOP}n<%eI>Lj_LT7T0V#a|9W=ecZwBaLw8PE`rq%;&__S;C{6%1W8Ab90(*yl^ ziE;5`Ak&C1XlpFV*q%e0M)bl_Y7l32K|gFo8(OCIchr7i6@Ies3n>2oZjW=MYMj1* z6?ro3!?NF@0zkS+o06{hd=~i+9K&Scg$eibl|y#4KnugNnL&EvhmkYH3El=g`&N<>oZt;TnRCP=`-6>-w$CcHT9Zrp`60X3|e>b)%w@ z5U`nd;;74YqD{Lui%mX5uI@C*8!#3nzkMFUgNeitk5-gbl0}3RAKud$z zkH%-Se0#jOzm;Vc$2`-PJ!{s`S90wRgp=CN*rTWq65=B#lS%M6y;z%H zYQrR(n3y~61zQwFD-chRQ!`t`Rt_xg2rWf$STuMh=T z^-8DXCElyzD{G5hscKLt zD6cc=#0!wyXDWrrYM{nAw><`%_WZS*!VjmjEMA#ND8-YoJG;O7;&%Gde#eCx5C@Y< zFr$${XB!r3Gn4faCc}boq7<^=7G?k9&Jf(^CT7DQ@Qy; z*^CKQ5GX`eJZ7vEDFz8_D^0*+hO=F3ikRa4^pTO1`={raJB*BBKgxC|c{rXG9md7N zQgm~3(-jKZT;kmHX|z7u9gc#}WDNPABB)GZyXUmkXHfvE=*k+@ZV~hEZ4AZfSv|(k zWPbdJc3TY5&n83TgxDWbDug2q+1Sv{1>=qnEoLzp9g%j|;J_@MI!>}66FU9&Qc>x1 z!y{kQj0k?xxwc5EOeoxk35ZCd&#ykiLqpc6N)nK%^- z-BS+uAuD_5s&8bJf2IH5CZ2yi5SpT(e5qeDaV_j|q8B2tuqgcmCF&6=d>{*KYNXEbt7V2G47Xy-4JsdWzaB=2kZKSlmM}DMI$WY*|=x}9N zo@ZZPL7wU<4f{YrAd5XH)K8Lpb8%VJ=OH0b9WSXm5RW(1X?i&BC>lF=EQ&MoBar-Q z9`5MzJubNZ`CsAMVgi&S&)39Vj{f9VcMX&b&K62qUH#%$6{MxDNv7!daE>AQ_x~W~ zKq{`;@C3@re4Sn+QJ#zY`O4wt2RO?H$J=Nvw2MM~hGts%*P6%s&;>CxM@Vp`$hN?a z8FmUZ4G1a%zd<=pCH^G|fET)lWP_h$;~vE-zxFSy=ybwszK}xkFZea^()7#G)RuPKm{7Y z<QOHKcdY{7=<3VVo~UYI;u-=-V+0zG zY%l&l!aOu0Es6HE@8E`t!8|vdM$tJY4e8%}^m}5Tz~oYKh(L-ZokGw8+wv-F&G=70 zlrClcIRbhjd`R&RHmKc^m^lAE=JtDK9_M{HV*mFWVBGF4C)6kf_Yw=uoBr!pnoc=} zFK}W=;MG{3FQK?%^cXCv#d(TwL)Bmz85z>8+fI^nKD(!${v2beXj!0%Y}mY4x*9rA ziX5z1s)kOS0=hKW1U#?}jSOU+E=I^{uSz>}zS)`P?Ba5=Qg0&Qk@q@nl&cj($XNn{ zWuV*2@VH;yhtvJlBV{1s_w>5#NqPzEeCS*cjh7C`q) z+jP2Jl!5%?7sBkIK&%eJ#zL{{@YNd1lg^b3-g3`-^f5-dd_7o%6Cr&TVt#cQYHE^O zv0efZ78$rcasy{)2(w~ZrM+`3>shXt2DZdPF}<+`eDH?6yZ{b|ttzNd5W^(!a5`53 zgtRb*Q7-Vp4vSuQjz-GuXUVP?Nf!flb@5SKe${FS8K0O?6M%~w3`5l*`Ec5< zH<2u^uDTGFye_-o$7=JNa}TUfpbZMZhd?7*ww)~O4vU&3k<}#zHQ5In|Dqz=|9lB< zr*5*B6d+zE3+-tBjU&v8;7f7`K?SsRzj2aBBM^N43z;e4+p$IzOud3a%%fN+5mN^8 z8wX(`m>&q&hJX6p{!mxP@#G^30*hcpAr+`<;ztu%uF?{nNMkOAghiQoyjVX0!7vJN z4SW(LVhF@R42vENy84BjoE+lNuLyA=f6+g*iAt5=dI-ucw6 znI5X7p}s||xbK5K*yoB?$4!(;D?1su{XvMIVH!wv+8GFC2ifYs9%ebfSpi$glgSND#esOHLnC?>zG)R#K*DeWu1QBf1Q9 zOocU7G0BQ-a6?64TB@pIAY4YFhJkO2{+=AE_w!#5E=a+wobp}G0Tl&)H7k5@eD-KJ z5zu11u)4ak>4iz^&-IVs0-{NzeB%ZsZnLW2W&6?G{_mu6hwUC~tqqhMseN=liogP1 zGpX(N;7-LDU#L7!tR0rew|W|#fSZJbRJzPD0tjv=1lZ4pd@DjW^JsrS^)vF9J@;*2 zNmPMnvhKSnUYWD-jxCpIewmrz5%h_9G@=WHxQ=`tK{u<`J>>6op+w&d!LV^~=GK~R ztU!kK*6qCf{CXE#Bj4AAufsWZ6AEd4En>~=4h0Xt$Ld!Z?hO-g#0dhOxxD%ii_^so zuXZS`x9C!olQ2zMknPp^@TMc^k@xdO!;V2N=q07Oe%e-GS)2~?X$@DE5uoO;bE5jB zjuHqr>p?BX)RCP-*ol4S-gnlI=e@Wl|4%_#DZ{}x6_ z7Tr|;z6EVWF!bnoNzejvCEvR#s+>b#dCZEmuS4X4qZ1A zne0}|G4PiC60hmJc)*VM7jGiKBe<`-agIF)lVmYyhB(rDpQYwi(QS1fE z`dt(OnC76iiX95FJsRC1k=bt_*s;H zZ(&84IX009*vH&YW0I_g8Av2!iSoH!4#kL2X*DHyYwz`%&~d$7@xh4{=s+zAxZwDl zI}|uPzTGp@8`9u9^$G$nVykoCZI+^IdS0!ABv3o^ZA=1SFa{{ti?{>{38lCEKYd*j z<)}^xD?JQ7yJ@b&p-N^ML|?yZOCjcX2nh|1dK@2&wJMFs?Xy&;Ku}GU0AG%BQ}{u0 zY>Iv(&g@`L5N+lbPOMJsIhTmV7)sCiH??)z<3CuC{CGdQtGo!)9{6?!0VQ=brt#0pm?xXBNA7%+iv{LpuUP3}2 z7*vuU|5^r~w!9TyssPINdi{_SZwY;a@Ts#?jJ~*bL!rO^rxs^ND|3aQV(0iLX+{-% zSG2mB68!Wr`#gR`*>mJ66b(Z;l@ia^XLC9HVFsC=>u}Yj-cL!iZ=<38|2x%xrpi!( zW8{iwP*Rq*JuioZt__G&`6Kjfngp@MVBS(~PyJTk(TJSxcR_3-+wa2HbNmS zT0skF$SVjrrIw=_d`EQw)jx=0-AoyGuXk|_TORtq_u5Ahy?CG&vRfkRV8tM#sQ$A zq3an5K$I;TTb9QyIrb83;EHi{y<{N`iyS7VcTBgtqk1R-|T zxx4r71$$5Y*~oBrTa9C5vw*M~j09a!Z^`jmf6vTRhhoRZ3>&7botsQ&p;RkVBtPLV z4#m7y(`4uG#*~{niC{Hz!Kyup-o>Hr3I|U!5jTuYl;1xt$c^JPKt+r!VXGWG{*$Tb zg-;}h5~SJ`ZjeRZ2$^F0E3o2zT#7`Cc=(bzLNKvAo@gzsI}VpwzX)^^9=kxroX+bNqqd&04Xh4@X024syslqZxOo>0x#M%F3M zc)HS+w1~YZ#vv9g(Dg*DSpMSbc(tUaeZ36j>>{hc?R=!57<0T_Yjv_wj&*ZO{oQ)? zyKtuX=Z_Lw?pwv+C!XJ3xbmbWgWjC9bfu~<1giC3q6qi?LZ8)ILhrh;w2}H6ftlBer0cl}RBYB9Z@@tR$^ ztdN2z#+zcauyq<(rJ<;0ReweE+e(I8d`G~DB2p+!Pf37H0@fEXYVR*vLSDFzCAh%Z z{mU;s0ObAoYOb*Q9rBl8SX3FOKW`Rsro6Yw6Cw{m{3jHt;loK9yU#G z^rsR*5&Ciue+mY1NP$K|BGC!d5uTl`RRjOMYrTdV{F~S2>nYGl-G!e)ZNd}yj$f^H zo8~i8d^dXhCa8X57tv|5r_7*Q70p0~dbuXF&cQ_PP7aqtv^^H~Lw_ro*MOV=sKw|- zKja!XP%PHgf(zLFi-O>VA;d30{Hx+ZXeX8Y`jFT#tb5j5w$;ipk$TNS zr2E|)8=h{4WC#Z_rDU|^^X~nfi)D$+l3}B81RN$h4HH^-a=Fagm8xqgi}bLx15c_4 zznL}u`IuCsKSi?+vbB#)&jo`!@Rf z81h&E&d8}MWJ<{+z(7)Z?5#SW7$E)UG8*S{Xr^@bUb~HD8gXa;nBa|m7CS+HS35TG zt7?8!Shk6$n;hPY0WKzKsN+FH5<$mOwfj#b{ITijI9*-cV-Vp7a4?R|pxahwj}bf? zM=A(|8f@C+kM3LgAs~V*+@}kr-yNApD(NplJ{@d%z0yk;XF%S3Y2{Bfuy(VC2FQb&1LMnFU+gyUokI?>+mHYuP92W0grdG zJjv#lAuE`Q)ja4FCXLPG+rs*gc?54GgLdLTIJ{;;m+ zwvq$RSABW@k-!V|ndkshqldr!kn}`|*j{(wKM=U1xNuzf-rvuiuySx*a8?mdj(;RK zM&qT*i-|SpCW|i3p3wb3GRf7!CGh@gk5vX7!TfFIoaTyMSz{7bt5AznJYz9ie;zHafPdZgeaFXJglWWIb3uxUU?;C&}grD zEyCN`Pv_gEca(k0zPrpy3MdZu8*{xvF|YA&euiU9dwJXui<2J`*ZXW z9Q3xqP3ZsL_^#Dk(dXa}?#7XBlw^Buk$+0MTTU;j-ESsCt2U`p@2q%uzgU}XImfTA zr)4%>%AchIMYBT6>{iRSb)2cX^zsy?dAcmvwFJbYuq|jDe*Elpk^Li3IN>)GQi@Bdt znI@UDn;ji5uJ|j!%LR;EZ|nA}F|aU9SIou5pR3)gh%)Dd)B!QWb-?n#Z4FLceogp<=m+-|TjrLUIGiY?ZvLB7@aT z-9fEtDIl}yRCpA{wy+XcVOE2b9bI(iOPSpA^q2 zQvOknRrb)S6>X~~GgYY(3*P(jcj8Y@u|L5-B)`9!QRTi*RXi(=?}Tz>ICDjca~V?< zD#o0bnNIJ%xEisJ6b2X49#r3(8zD!H^Bw4hSl;ImQD^^_gOftd1xTQp+&OmD)-s2N zgp>`=$>?EtL&pt`S$^`o%D?%B5CjEq!?k&v7UYG4b-3(dbVtI`;%eN4Vp)_9S=+WW zq@2xs@Gc+J8}#qqrtqgmwnyflD8MLCSg=ge_cWhz3q?xyOdYgE-g?*Rl1s%q{*~-7_jnsS_#%tL-K8O2TXK`H`%Xl56pKcM{Z1qawbC4 z{CR|~Jh;|HcXWH0)^zq{*x~)2qU&0{Z&E)#xJuMh`a=hG zJbjY>w`Z!1fZxOIZ2^;3L%30-!Q-k5M$BUlMkEywP(9QnN}?q%$s)0wn# zM?fz20H|lpIf@vtjSDd6i$Bkaii}K*lG_-DJ+&KwU{#T)Wl&_}-{iv*W{&%*lAK;i zhh0CDNKWxSwe!L}My`jn_{@d*5G4#D~3w6nvL0^(aBJ?7=7zYxn!{{zRp)!6tH)W8zLRuU>QCcMjX+7bdNI zGUKM;`?csn!`4~rwx2AcMvZE%)34u2v=e$k7!zzh&(~0%G;*0@UDKYue$vyZBHQI< zPGArm3V9}1pR>g-qx;tm^&siSV`sHl*5**QL`%6#OG46o))i?_YC>3;T+;$w?%8Vb zwBf7gpCeX*B0LK=O<7!A&hGrj=ZKZ8@xe#Vn(V?PNjG>FuPBdvv_CCyQr*R&H1+PW zlZ%TfbEUWm{W0HurKQzIBBt1#$+ye2Cnj0O>?-Yl6C|gAn%;RKZ~Ck~+V_8$H1N@F zviM3{@s>e*z;r+nR`789(pw_CK4AH|-4A%P49R}86m!Lp8(^$^3Hw5?kYNul!y|VM zSI376>X7+(OA+l}RwQDOoW% zk`=`ZOI$J}+%!c~&x5!TC-Or!9x@=!=1RU+Tz53s#bD-R9-X2}A$lxL9!0Mg&4r$O zC@!fo7zuUAg>3aK17nYa`x*hph-j%FPh~DJOyCPjg2`BRqQ~@gwwS2-CEqyPj5`8+ z7YJX4_BWKmx0gVnH=0mLWz`&Dv%x$x#SVRJ_1A>Q&#`kO zr})RPHch|uVufGg&mZ(NEmvBs{=GXP1kHE(6Hkw}F{Lzrz$azBocL>mcmuwjTy-Sg@n zf#Lg(h>>MdGEK)V%c>;BD&vJo9G-Nx9$t{Wg1cF}4^jR()1I=@qAs}DweH5ANSg|$ z+%nw9yrEF~!hIa@TtmJfw{s82db@pbs-rB@#5-6|lpXI2fxOz$$-Io-m=bRPXeD9C zY^hqNdJ=9oCN2b6Q6CqyyUta>#F2|+g1(c4=|sZQ#R07{O4@Kq%b?O{RJCG#!-CjQ z^el^KJFN-SM14^LJpCe+@#P(4$ifdFE!PUBc8ly8Gdb&5@SF z(g~?{Om$m7=1na66auS~f%&_3`ZApCpi*=g!S<2D+0n@YbnV9Idc<*qnpHn|S8_W> z<8eLX*WhV7PlFn22D;PwJ@f66_o}OqO8Q#6N|ObDh#!djYdSsMi9~cueoO7x?q`oT zA^8R@_!&(fx&2`cFQv%HNo_W;?$h#g&Alx8X6(y8e?jTgmIz-m;X6}2AKP0v*>3&a z&I^ze(;{kn_Fb;fVR%?~eAPz2{D98g|5vvj7t0phRBKAECbx`dM04=f)BCy3>6$~C zrpL1c&HcNo?isI`Lvy<_4&tG?o%ehrZQOwfDd~2$muCvVqnQ}OVGAF}9+R1M=f&^* zVMiQ}zTS2KQ>z6sssxYQ_G7lp?i(<@!F}$tA)L8gIRpj+mnfT6xuu|>i8I$IgQNV@!`0K#v2HBs z@`Cq#2-_5e2*4;h=RQqGivBnnNndHi1z6fl^~N$Ck#4fswPr-9Eh`bael9j zRgVs}1nuvW=b>sTC8G0Oj;53h4fDL>?(R<)W%(7(!F<#3@O5Fq*U3RGqLQs@_QsqU z&m#pOFag8U9&?RS&0S@_Gg9d5PE*9cX!+>X53Th-?JdW3M@knTU9~X@tfmy)SnvJY z`uY0!n8K0b=)8+NM3>U~ZP%6E`AUYDOx3TWl3=(Ht_I^_(o&dZOV!tze{N6z<`(6# z<{DF(a@cq75|hfiB_96PrWg$iMBnkZKM9w*fi3vNMo}hVq+oQ#b)iQjh>P9Rxg9sy zTKc9@qkB_ncfFy@*MLBBU>6VuQ4XTl0zQGh9Uckp4sdBV-#^~pO+84c<=&S;_0`$U zPIogBlAy!%Y=;SzUO(TABM_O?c_)d*Gx@0C3Jb#n8XOG_9IZ|b;uVvWX+;KwY|82N z7oVpwpw3Qo@qnIQYnW&>(iruuf?}yKP1A0&M$9ZefH;gI&#VZsgRe#RM9y)OvIDa_VLG!!1hQwx978EGHe(pYiih6 zHcn1X28|jbwMz9Ek7Ml&m$EDxAd7eFMCzBUD!%vZ{lgv5pWK}v<%SCYg9`|#{?B2A zJf7d%t;79_>y(8{?zvhh69nLZzz6~>+4SO_Y~sMQK4q2 zd>&3w^?ZqamF+smypyi*3{VhcU=U=6=KoHPAk1pYo8cYWBdE&r!=5Heij>7iM>>3r z)tDtB4ekk(xb#^Q>ozFk%v*oXEx?HW|GfYzJ@lnwzx>{9)a^u4Ew2p2tBA!;VB%TT zhwuNr%f_Ub{3zi)vh`!%A1989!c#Jn)oh$9QRcH@$s<|A1Fj^|K-YCXGE9KjE;s+G zX;ZL__`i`k`Im*B9%)C#^*27>xBRA5_jbpWd3J{Eqq+7x4wL5!a<8GDp15X{Va6ku{mb05d;uh$SmwN|MKE zH-sqhC=|O`HckHA38vO21=ia^K_?(gSc;%Kyl38WG*A2AR{(=BC(px2rE2{Njl&#k zh`Rre=lXZOq$T-?YnexbsbFyQ?;9sKjbzTSCXOgMW z!M2eV5Wju@)ZiEHXp}&riS|Lii|mAEfTZ(^7SEU0sX6|Dqu>Bn3=fa15+n%{3X$=C zA)yHS)3e^PRR?l2xl*NMczs3w=u?oZM=u5|GN=!AsrKapphT^V8d&J=z z!vAO~hfAR&goQPB-|r%vTAG#EK1j$K zeP#izrLnQ`UZmma=MnN(gP!c4$b=GKzrM}_RS*V+kz|k1jO$ufB1SaMBR=FW?)ML0 z+^F$*)8@2(LXYb#rEIWrE2ehEI@=5toi>_k4Qqx#ktRR~(cH0WC`XGJc-8bC*c4!4WU)vovr zELvQa*7~ya^_9gO=QNkpqY?I5X^$hHC@!V?l9O^FISprQ3f6ij+bx`%{$N;Vyk8oI z%N1%-r%Tl~e@rln>cvSwH|alE;-CW9eZYN7ccz3Fh5E+fRV&{}CbfNoGF#tf#&v>D zbr`|rJjw8lTWnXup<%*Axcz~AUqA{F7!)F@3^of6LK8`H3Vw0T+GaLi4=lw5A^@lsmcdNxI=t zMtqK%Y|7S+$*f*DJMHgby2CBexk%aRhSLtz{Q4JJ0f&6?U6pXtq~es(X?DD|G#X(BFLH^UxG;C9I-)og%{l0s7FwDf4s1L89*Fd~{evJ#hV^?vXXN&d;!@(Q zwAqT``G;F)0boQlXoaOko#V`H!Jq(yhSS_;x_!1L_I!45+HKc~O}dzF<7f-GSF{1a z^?1CqQ7+bgC@C%7Y*unWz*8fRk`ztWv!4y83tq!_z=ze=} z=!QGWgzUo0nsggu$Np`s)8fNcPtyIE>uaKDc=f8lJx7Q5)_mWIMR!%lWaWjHM`?dD zTf*UU&0Kgvgv#gy(%I7LVhVG0JqIDj>$u-HoB<2t-zRdPkeP2?yx5ND@>~}p`Z^}A z@{EXxNN%HeGJjkCd}6Pb@jc}RrGc1ef-l3vr=B(dxRm|)_cRJa8EijVArEpYwE-er zTv0Ij3uKVBs^9gdZl8A|5K$yZE? zE-x?F-g!uA+HM{tKI%%;9v=9~Hy@oTn@xsYq}fAI@QDlmrO8lP0{h*oI32}av2~$} z51*Ty?OeY`er5iWci-{-c+O9M*Fq&De`lof!Th@OqS4OjpFit=qL{sp_)-0!(CF6a zr($?Tj_vL3Vt>Mh40^9G4)Du+@2(G8L2X7baQ;evekqm_da^Ct>$O@;wV?{YX^n$Lu595JA3DtDGVH(7xFwpT<)q@{mwyBG$Sdn zr@ys+_i07mJR&LpXlkDsx7AXTj`QC)2kzmf=*kJsTcevy|~3HS&%&CjHN{3 z=YnDE5fv5B=bAn1^-rFYrlLH~KHwfjFNC0(2O*8pGqBAx_tXKladAtIDIQ(kle63x;t*6EI#z|nFk zKJ7V@E~Lg?=?jj}lvA}GUM9AP&!0cPuQ<`JHXQ?8RFP!x<5R#8_mc!tQc@PF5&HL- zWqf29*feq^nmX^N)1WR;%aU9E2nffm@9M^(#$s(cXcavbdQ%<phmTwLm$e-%bQ(k~-auJnUYO+65<` z0OE+eo~Xci_p@&W1!l#XG6|@jb$e+t#Xoo*R~KB*c4rdcUq@X{1K_`aTR`(V-EjMR z)kR!mdrf-P0oM_}G$t7OYaM$^;^0XBD_>0DFy36ybW4!Kqe!#70duGW!_>>mu~?w- zBP?`0xQah?WK}3-!?_;wk9w;GDi4-&y}j4Gcb%mr`Rq&N65PmzSFp{aMb~9|5WgB9 zP>u+sa=t@3>fhtFp6gv%Bj=*8Wn*Fr0-_Uz60P!hmJR_;derXUG|mRxF>}9EEvVd> zo_;+b{Al*^V*u%AQA^yz!9B$sZyiY*O_FW_F7sCU0-!>yW*JS1naz>GDK=2_k)rOdv)(?h;&4eTe<&LgH~j~MpVM@OIB0LeePyI? zRavB9&v+d0U;ZGe>MUn$>5cWzu?>d>gv4~rq1dj_qLF|PM?s=@M>@QlMCm~mqYm=j z2Uk3ag7B60;JwA@hNDRfyI1`Kh^ zvb&YfIE6a3mfS$kB9Q9!XF;Ih9Tvy4BHj8jay3(Bk^`9`43bd7=%y;c=g(EjikE6E zVhAG0<$^wcuAZs1U+d=T6&PtYQI4+M$o~poO2>dL4a=4=kGksYKbgdUiXuTpshJ^~ z%+w8HH(di5mTt>?obS3-3Y5~;n>s;uGX~DqjZxl%oFO>T4am;~mvo*hr^8}-K4?BE z)Wh?JMH~T4(CJ`FsDb+T&DBX2=DBc-+mZO6j-jjB>OP5$jsCcpA5l_8nuBjB_o9X} zL|TVVM&(*bUgMmmamGfX{2PL(JoKxk=rde_3jTxB_KrDN>>%V|vgmc^sx`mOdZ}*x z7SIwpoo=Z%Tn0R(hchiAEt6{<1KV=wAtQ>3imFWMVYwzbDb{As@HdZV)z0O6?cOqN zfWOwxQhTvK&*%>GzTuaGRlOfz&`Q$9$0XA57g^a8Blhq1p>%HnUQ^#d&fp(daupcXMT_z3yvd$~ zQh0OKf|tJT>BxH%ygpB@YP-Qyf$An(jQhMVsGCM(R&dzYBIPmH=}Fzf4?4Ij^igQs zF+{o6yHA*P6!U6RD*v27?aAT5vnE&2-v!+N3c7No76S%Gh-rH~G+cXv1@d9Bgi za_cc#W#+_dKNqZie0QfbeaaYBkGB3?kWo23R$_>dMKiXfR3LUZjzz1`u+lqDoGxrG~(yoj=0Vw)yQoO@`*_hyH81E(~>x9k;@S=Qu<&B4G`e`I-);d7@g z{F0foS6ArI&uW=r&W*%mz2yw=zpp|T#Qh&7eb-558<|_0Z~ByRuQI`t{&Mgn$UU7C zn#=x#ynxq_e96Y?%-h^j1Z88M1lfDJZBSk`Mq-vcAh5pUoiZJqatS@apXLD4vFZeP z$0T2fZB`Hb-J89n`PrP_AB@avf|W91LRoqjlXWA)*9sv$Ahqp(6Sp_^>rFgB_Me`g zKH)l7KRzsMXpUf&)5dI3Y|<)L4?aIwRwj>4^O=9NI;8fZNe+z)tD?4(AD6o+twmcEV*Zg>g2O(gfpLZjR-d zZ`{lih?(tFj!Ahed(94E^4Qmo=X=`QQ)`z|Kr1;8r|WxPNgN4o67eL8p(0GW#1-L_Ji<%!w#BIiXwgd1%+{k3T69)x7? zM_tbIhm(2al_=hpKf`!q&@em`>mCmhtMBA$n>GE<8+9W2M@w1Yvp~r@R%0=-^=I*W zW1rRES<>bC0KqRJeB?-J1yOCH)TQVILn%>^PZ>c)iWavfu#q{mAj8+42gHe2=;p%@ z`Xr{BEq_jU*n^%AGv)Zi2W>N6To7BMGtHe#-s^?+0P31>G2`WbJLSGy9 z;8Qid>sI6@RaNiny*9rG>e-U$e}QZ;sNVMGY{oEnzU6H@gdUyEuthIq93V8KKq*Mu zfcb>$OQX{^?Lt=&)u^F?{Q_7xLzSW?<>a>7z3DQPa<;P-SuoSePUErY?v5#|d@uLv zHd7ATo)!~^!4N4fj*z!mLmx9|CkmAF+I~~-HMtdueMT9d=&j`WDKQZG^GzmKIYPhH zm%POylHt#y3z7qTMKgImtBvN;8@wMr&)Y@Y)S$N%! zSI2pUypIeG+KkQd;8j%o#D9MM%C0|@{y7~*+?LzvaM z{0p<;Sd0v}Bcc(%FMhsx=oNu|106~1i|%4~V$9cRCfmF#SHJ1nFihQs=>kfJdblg2 zxf!Xe-w#N$Zn+6l*uG3uQ_iJzaI3_^pw@rqXFimVsekf`cIo6LeK&^9EXda+4L_d6 z8Q{SrM+|xSd1OeG9$zmOq6iofH=)zc#O)nK^9*rD881HwTJ-Pw0t-7F$N z5ibigX0e;EZhKZe2>iO>Ft-CUBEJtaWpQv=boGyv&w7qb)CT^8w7zS^&$3_DV>j^! z20FWoVUq=(tbTKU_=rGuI>cd-3yWfNFewH&S(zr%gZ9Yt-q5SLUO&gUC(3oD*lNn|L2a?@PRV=p~OG)9HhD7-39) z*Gt(HHT`$#x0Lci>x~R5>Sdtczvy&U0QsmZvhB+zM|*8e3$^A=cTi$Dr}&m#F2@y} z_;qJc7cr-CoKq-n^l@?!A#(}QeJaPJF=9G~>yoPma=eb`(rBZSCx=+8X>h#n`MumX z8E?8MVuU|>Xk)jAT>0$?ZHRtp55`NEYc^v(BU=3uYhwD5kfq@Lb!S4OR~boh1YRZK zyDu{u!h!SD;_HPYp+4-!@4AClcS(i|CN(-;Lh&f`!TrNP_BC)im>M?EPPA6|9!>RG z`R*NKK3yl;SZTg$dO_2pqmq<`{D{*1=Aks2yNbwaG9&=1RM47439zA5Zv|~W}-dx>vpsCR<*GnOH6{?hgP3xt?Nle zEZ(94;=IpDXj}NQJFejjffZ*Z%E6DKFCh$f4Qkl%?#myl4Q5OcwBKU6Z~A9yNDq_e z-xg9d8b{CL-lvvVR@x25Fe>l8YP!eTFlx8ia$j0nI&xS$wT3>%pFg_l7SZZg9Jp{X zc2?Q>r1cLpN4};x?4B|av6hzqFRcA9c2=N9LbiawO#b6z5a>Fx=Tq=gL~}SV7~X$5 zjjt~{l$u)6H}LC!82CRvA_DxhUpX^o`rqvle?Rv_g65(hMiTzZ3;qSqdr{ygp>x4G z%zrG#KM0)x*VmUDnX>BB|J`5cv9E7UkAY0e|BbB;3c-zJXp_+Vzx!9nfS=B1cgDmwSBJZI?t z^HLCGG+F!=8kYaN|12H&$#c)S=E?uP)c>z1jh}vcOEpKD-UVYujQSPCC@U+reNm{7 z`x`ohI+6==xtPjj)B6w*RtAu5<1b0|vazNIP}7lQ(16w;&$i_@eu3uc{_Vc+IoMur zd_~pO3HIl|Cm_m>h=(%@?(1ym84DyoN)r{*P+IIm4{fT>DJS3F8o~|rzPs*c15|VT z0-rHDBO?RlL+~@isph+nhlYlhiM2a3u@lF_3^Hln3Xd>S+=#lFDI!}uXl~c{w)1DW zPo6N7Id7g@?@WB>`}oorI#p`8d`=od^zRnZXsLqEav|Mm^Ys(ETjtF=apfvv2jq;@ zZ?VCa`<)rYb&4kW2q)Kgb#?W0|8RA(R+sNDDCy`M8&hrY{~rr`ftz@Fdr{-P*eEIg z>~)=0_J!R8sG1y7NyTe9?5oH0nQqk1_^f&rz9`;T^nf;2xZn!^Z$BzLJ>1YTRBe`& zc3+q%DEQ%zk#Y$&LG}9rYz&{Poe&>gvJ1^P0Tqz}bGa(3E<4VUPW9(?@zi zY;0_}-L_O5E)HcQ8}zzDNUmOqJ|rF#Lz0;NZ}23?qJqI$yT93VR0@XE`sRCNIE0k` zI|9^{e6{oQ)0#{@xIWw-7g7PR`L_35ISR=+=K*TfRjZyY!0(U z+3^Ptk?}!r{#lpr6ZFB17lG5I`X%v~Q<-9uS~q`g-*sd5XNZUpvc6Gi4t#+7oDmuN zn2%90mLBj>-l-vk97@|=hHW?S{Xlg5^)o$j1$Lb(=!yNIFfzi_U*OJy3be4tM&ks# zqeb{5Xdq$ICa0I0%!lVTfGAN+nTZd&B#6#qRT?PEl|j|AZ=4W8dV z(W$kNfTa$(sIgWFIR33kix#a$Y(eTPsN2p+ZZQ7Ff%5QvBs)bIo-T=Tob$0ZZJ;~i z=nSNjbI0%lvOSfO>C!26jLi|P2%s4I_sZOUN%uDrDSXyy_*mpzUy9XBi__PTpySC% zP!k>e`nAp456kJ~6voRAAk!~M;j@|L#NwtvOm-;UVFqrvqv?Eh%Nps{)neImlX8Kcl+HL52{Hz%Lhlfe8LS0E<#VwcK#v3%y)??kcU_H;DyV zrSS%PVyIdI81K%p)bjKCCuFPA_K0{r_#S0ku|qKAMuHG0(pCM2|=x#l7AqTd8pUmIPXwB#!E&E z!YGL}i&904xvx*&pB_d|Z8nHrU+h;;=VvbcdoqEai1&5a`Tk-_J_V=4(>Qj09ibj% zH1jkNGfjK;V(%o-NTBRY)|SkT`x~=A#YC8lRb1P+&prK}>fXeNNWot$Ql0A&AS)g=68F&JyZ00%B6KV`=RsL)dQV> z3&f9DAlJxd^$5m@`VY$n)_*>^pG>|ZN5p=XLTPaXgle8yi87x z&f~#~{3629v7b`5!{%CA3|RV|$k2lcc|i{Jm((B{zWzNH^@R`AFqzFlir z!taXr2e3bIr9R7z_%t-dX#H9D#4*1y^VJp*ww5yuo*jj#S~pRP_U&WbfGo$oKE zwA8CL+5TNNgt)BX!m8%a&5Zk$<&?>8cIV*;SDKpz@0J!*9icUHEJlTMbRBtkQ^|Qhb@BEY0f19R8X$2@@xt+FDLPA4hHP~3C z)uqEJ6~n{Bb;<>IK=~6`%_LSm+0=L_P;cc4+gy$3ogQzf6pVS*A$K~=TTioxMqiNhOpORqZ8n^%NXA$E{v-W)eVJNqu}3(VZ7DF@b+aYBlMG9Y znyymkAoOAu6r2mt3Cahv{pN+=eJ53I^%r0DuezYhyV&`|1_4kESA*5HuKQqJU<5u` zLNhX$^!~HWa-)=|%RyaQcNRT(qNe-`pg_2d7WixLV8+K|Jyie9Mi;Sr2bw?7S<7=U zA}y1BqYD36VuRC{RIW1x#-4tVJRsoJiMsR zD1HQBl@#!JP2@g6p1d&4t)mbujL@%n>*o>r0CC>SvOw_g@J_?f2!@e6el7^X%#R~P z)BqPVUi`=n8_gWCyBHdgekzVw8H#n)%*CbkaR2% zKcPVHl7-V;td`4!Eeg@d4O+w>{xc|L=y)(vA?Nwz+nT9H^o3T}2tjz(-qyGJ{U7x5 zOu(Llc`b8-hUx%NM9O6nWFY80?{j-Lvktk4J6 zo!iyGerBLUzC)|<1ppln9?44&Cxx(Ljg66SobRH){#|Hryu!&%6uG;U;8+9*$cA%^ z>+UpLv*(W#rUM{@kU#J+W)xrV3VL-Kyy(4qhF}IZ-w&q>FzD7f0WbG%uFkr|VB**2YVT?X zXKjg=md`;br2v=M%Sn_K;55D<1yt-G*rJr!+Jm%Vir4D)K*ZyzOW~`*9r!mZE7;)I z51<3kYh{3@6;YnFpMRryMqj=(qz(f+Fw_d8KG3I=nAtx_BVAlp&US4mh0g+j;!j&5 zw*kvSL-X`?B`*^xbWqv184hX`CRz9^EBJJ-U<=>8)1-s4c4q9!NMc!Z<6DR}w>w?@ zpW{}TApn4dYt6ayPyUZohjeO9_61Pp)i^`b5;um^QsffY*#dps&vK1f9}BFb__%iw zC+yCY7d)nyE0kCQmCKociX1R{w~F;t|EMUo;M!w*oSykE*2sdW5MY~x=o}blM4p}; z`i-%jRE3S&kA=K153>|>Wov$drt$gjRxh(i1lROE-crA1gZ>SoG4#g4A>|Ho5`p&> z`RMpiLLNM@s3^1zBJnmGh+)JD!|#~wH{%p=meIkj;6a=;(>X5V>1D>>pLb0MU40f4 z6YID5G!su7@YKf$FjERkYjLqKzABjrO7$FRtY26DFlG3D<00~{THVzIf~<@1)*pl{8TXkriV5O~BwksuVka^vS6?Q- zYQGR@xCgYy@lv{w=Q;~Vs1e61ka%WZ}g1Zb!!SDS!K~y+#N;cbX(FPmE$jo)1vv$;zT&_K7V+`rcFJFb4Z;bCnS zspW-u4FfK6{p|8yN?N)*h=SD^a7g$upj7XyuFBkZVDeTQ$exk`sG0~Ew5}j`Ev_NJ zY*FD;QkE?tBEdM{s-WNB4_ab02z;pfE-HdTsYmd2C3CK|SJrB7U^iUO#ecv16Yp6s zHfof(sdC^}kRZEJciA!|IzKMd%X@@Kq&3qwnd}p>B)XR#P(~B|P{MXTx#@9Ta+eu4 zduG_uL{5v49h@>9-}Df%>GTRH!N`ZYF*Gj)`bR)^x$aDZw!w1G*hy}0=SYKDEN9u+Zy!J}UcOy|L zB?svl1mu`#KGNO<-|G*}SSzKt@bW;Y}M)uf9C5pJ|A?)$xJ{8_XdGqVUPSi`f;O?fn z|KQ_Mj|m@*8zPTD2bc$g$tM;~$xNliMh7KYtt2f48zQ&{<`dKnQ_!u4+&{SQ2zIZ^ znSRiFQo&!rpAsF%>% z_weP>37O!gMggm)bC|?+MWs0iy?7q4P~YxNt@#`E>&d>Gi%QN21YKq((2jc2jpLqa zWc$(XKtRsW_8bKG9eQ?Ca%dH(sxuN5vaFJvPem}kq{J|}cVNeD1*+qC?kfi|c`wPmS62u!`Opna+(x7TT!pA$&tf&}WSBO9 z9w(3NLz5jNs1!{&JQmZpEz_uC??rV%27W>8K~-77Ab-t=25!`?U)H{L-bI|zND zsURd)_|?P}k82hW85&)kGh8>7&-<9NGl`Z}Hgon&MPvn;cbdu5T}vEr1_9Ch9R-r(O;@`nUlPknpn0G&wgotg|L> z3G6^+o~N&}+c2{O))CvJr{uMEmB3|1Lig4h`HvIR5=sfflOcb9ba;>vwxWEFSS9Y)UgtgV&Io0wA%PRNq4j#CcyWiSBS6`+{xy2Qxm zv^98eBk{H0s8y(-7Wlj!9D$ z7V5U|wOhmJda=DqoSLHq>UiKHEVRP|H2oufQK&$mn*vb6ei;JKsYxo6lmG}5U0^{{ zC*Y^H2e&7DA^(5~w7thCxdmNPaw{p;^YsPiN54fFd%s|S0eS#qKeJouOh!K>@+;M; z*G#EU*`orfKL||qA)6ye(15qCQ2wveL8~3x0Csu|2^>rY-PqQ5cR#eMj5^>xN3bBl zNKyKpP&eY>MtfaCY51E^co*eQFxAM{Puq^(Fe;|X_DG5P@S*~U_uD~h!6#!~RgjvB z_Je~ZKb6A4GEsDsU4L?})bM+JdWgQ|TQGO$GH=6Y)!)X<;>lI|8DpDhRB{L*ES?+0 z8u>>OHervMRI8q95X_@j9UV>q1r@i>Yju!(QrDv0)VseJy4j?vy=2$_t|ni(iiEh( z331^INpw>B(NY?(c*ULZw#p&At)C?cbNTefoQi-QMjgH?P|ss}i%8M1WFBU4{8X8OsH(=k0|jgPu?7TiQmDvx4~|l@B)0FGJ*)U# zad47P*CJxO=I6<~axlUDDZncWKDRUXgpyNG6afvZWd{+5o^1JAK<)p$wFhKuZ0xi- z@x%=%S$+~R9{tRqhDCULduuN9as&Appqtd-&7TC5;zU0OUO41=o8D$qs%ktPKI(rey@FS5}$Yk+{}W0}FEB%pJydxg`cJ?HyQ7k~8s!%61o zD~zukbQ(>9b=o6@?-EHv_{$MTX$>R5C(Z|tBr))N6F8{s?d-dVg1$KpgJix$X(ye2SW71X=7Se+fo8ck$-Y5z( z_RI^1PBcVu&ezD25|&%)-=d}?Q4(Z?l5C=F!{F+175pB1g z7v{rzKMC;h>Bw5$#%Oh#E#n?#-zONVmCn^p{WHKf>A(Otu90{usF6`oQFpS|{PkGH z|4K?r>r_a)aih&r`Arlkjfogj?H=@m<*?n~%J|%zr#$kjr`pfN|E_@m?2wS*2=bcA z8>WW=-I*#cA1?7A#}(D>A|?UGPrZ+p%5N_&Y&Fpx#%(&ubk;ugVUqe>7?FO|An-`f zkDo~MIFYeY$7?-Z&x$aJ*`KDj;UJ8a4AKKIy2DKIhZv7XJe@-4zYB{&^bp4|6Yya0 zUp*bQ;)rN?omu=##bS#y{CsDxwj@q4o09r1912veIRV>a)*1Ie;d|1JwJ6UISddX% za4D8EO0ls3f-{_~l_#!+U{p3|^+QmpBa@+ScR4f|-shozeeMJREju%6tp|oufrub6 zT#+ctDIf>{>d*GXz#{;|`-M{qWT*9KF;KtFfhv)U*i^i~!T@ChR0CRtZx4mpfvbKK zk97X2iq!|EF9GEWS!A1Y*%CeZJsekS%wdw(AIGCEq5cqR1xE_p7btsiKc*@vRmehA zTWd2P-yh2?u|1wwU5b*!L;Y3)*t&J$i!p);^cp-G34Rocz~j~6+s%;-L~@^K@LUc7 zV~MT|@6VsAV`^MqUaFMvT5mP~9%BA5{S|$D6#}->IfB3_S5~3Jc)Y?_; zgpFu8LwQ*_)x4c_b&UGZ1!9EEx$Yy(>mXX_WA*$`{brR{hzt(-_U^@|S_|YV=v~#{ zgQv%g`&~xP7m6}Zyxy64T@m#RatyROsytu=VbG*FM<#YM?Wh>$yKF z8^wEovq>(dd-edLAc_}0{gl+%lihQ8udyIm$h0Nvt`Z_ND3a_Y nmBe7iDlp5~ zLLA9QE)U%l)|rg9-k+92%43nO`GloPgMc5b)e_Lc_rri8 zG@tR$0dn$_F>z>etz}GVOfJU=s&`X5}!4Cyz1A}>TWGR5e7H@fNf;u;Y;iF^!;XNVC6%UT3rYA!8F zNoXl9#s>hWyn^iQ|45aQKNtOB=IGOgkrathHY*Ia-TcA3no%fZ5mZ?_asWKV$jAtR z3xn7A^7b2dX%yKR>=dq=7}?tm7I*GVV79<-dX)w_!e>u^OH}!P2^gQ_`7n5m6pQeR zXHfnc98Bom|GsPrE2Jq-=K|!HF!@e)p7KsRUQ7h}2sdLDqZk2YYR@G>povQeY=8pd zyfaN7j@3s*LLv)92-6L431Ir3jK1zg=Xcl@Bj*yLb7rkMQ+?DcTU)Y=jjmdbtU49G z2CdSV!h~r5SU>~`1EzV=S%5V4F$7fbGEmvtCY^!)cQuX$vo*wEhycq)0*(tjRp}+= zkP;;_v6j}(*Xox;+3qJy(tC0Lg~f;mKV3122$N0`qo#)@1Cy*a9myY!#BFpqdqyGb z6jZEP5+9u%i3%N$6?HoOkX&o@*k9(0>aJijv(_}kW8~g!{~~sgk%On4k_>i#TKk~p zdL5;i+e@v|oUPcP82t)WD09lwbUf@jp?9o3SdQqceGh0bFlq~Q%zD322hKBkzGIt2~OTU#-Gj7Kr0_{IV9|E@zvhML@NK~x4 zh6U8~D{%enAr70tJf{coK1`0%w!Z}0LfqdUGqjRR6>iR=5Rjgy_7fCKau~E^Qpn6q zOspXN{W@e$5Aah!fu(|340C;+Y-Ru{ov+LDH^##{P;fk+WEOM;y*;w%3WmUyzQ`V zYmFgOZ1d5nX?oGO6+Oz7y)gGGLbVg35kplWUMF1gzp3q%&Zo?BRGN-C=Jco1#x&AWk#-c3K6-2C!jm(-o=I1AY`#eAtD62c0 z%4Z{n0sXTLIO%Q^2~yk&eq^c=F$$_p4NIL#~ivy_XCF$`(H@{SY~Y zY%CHiGB~>(3-`GKwP!f_!S36|Y|HfvLsUz5)5Xvo`Iq>~~`Tie&?hpIQ zlV2^(j-4*@JAa{D!D=KIMzZTNrHiB|^IfRsTz5nS?T?V0Z|YEL3m1bMd7p?1RIR_B z*rr?{rad{{cRW>{FE4VPXg?<6_^~RG_)@tnZ?T7OqGvxqb%f#bdb8BLciwV*Xg(Gy zkz9F>nx^b5MzXLITO9M7G};`4S9lG^J$k>clJk~}p2bk`-)G>auTFlGdpYN9sUI?+ znH~%xNWV_>wg*Z4WDCfClITw3=-buS14JH&)Glv0#xTDjLr7^>qJ;53jyhDN_VBx| zDZiSw><$U$c3;9h+Z^AYSbr9f>2u{kkF_Tp#pUUN5C3LEXF1mHsEZlDu^knc+9|iM z=$SCuS8{DaYFM6ne0F%1c3f+DgyJ-FpM1ld_;R|#{c8A0^RY+MvLWaa)hlt}xIDt} zzr6t7V@zj~3%i@ouTFIuDAiHOXu&JTISHId7!J4#zHgaz8 zj>YdTsx>45x~%8Dl>AK7pN;uZ%Rc$Kpw$$PeU7)im%+rkm)PGq%jzT=yLowsyK(5f zrtRe56d$%SSFVwo>c5e7p3%QaoWY)7p(L96YS4+s;RjXJfX9 zK|pF$h{owf@twbCvdVe)(>t&|zCfRUNsB};^YvAQB3g(LvS>tG(9zLZTpe%x^R}Z9 zWCIJmEH}kDr?*dp@HolCYFRFn7-j#`vc54Gi09q5U-m{!_1CgVz z5lDUm8djd6kw|6gMo?NdYKV&lG`VFVvI#&MSJ%B?c$_Q)En|wJ;o)@nC*EPLu;sc{oer2UL=H_lfi8drOMTUbnTZ(;%0QFV~R* zf%k83%>D<+g01R4Mz0(q?cB(SIY(4nF(l}HCU<2U3Tho9T8Rt*oznDcF7oJ>afGVR zPOv4(5#EIEZ+he9*AA26jIIjFvV6}OZbKTrN<#ivHr@CST{*!_Z9@5v-XVeJ_C`m+ zGLaePN+a9X{nMo~YCZIVo$SxKVi{_^FGxHPIQ9Y6Uc1~QamX%x&mNZ6y&@Y~$Vz<-dm(bS_2_HwSG>poZTJZ0K*|2Yi zG)*lD)yo&I9dtXx0uyql=~UR!W?{%y@6Av2Ls4`-A=z5b0^t<`{_?ts_Q$ZWTk!rF zUx<^A4#1(Utr@4oQmng0LiE^T#RAzfWt=Zv1gn;BGQrMDH+^QonMvkyp z)-&8TS1c{RaHI_gb$pM2+LSw;Q0Ga)+Kwr~yXGBKK`)znm~t`u#f|Og zr?6HGnkK`c0p}a%K3PG}+ixCh5x8y0Ba{;ZT1GoO2mq5r8JLlqrYt&85UBvtuUMxv zc@UreyxX9~$)f6*juR~x1)1oLm9T-p~Kt^2DJ&sTilr1RW?sy;gn5YfelSevKS6oSMr7uROHgkpIdu?23twieE3J&BDCKg3(oB8J}w ziRVaj!CicrD)mouf`9=Bb#@KWOb>#bjS#xh+%TNv5-M_k5X-o2}YOU9Pw@R00h zU1a?ag;4!{y;`Ml1fTWWYL~xEYxW2|&zO_DosTGZU{;47QN%%bQev*IpFFiCI}sm- zFR`s#+&JEl;1gheAqdviESkhmU9^+H*wE1 z7LxV!#wSLXM4}AOX`OEG9!8zN$V2;F-d`=qa~CAodhKsON>q{b;&1PVrp(Q)1|g@v zf5jeQV`V>*vc#y|WR{{HDTg^9W#YyyhL*|a^zWPhJwB>A3p)IZ5%D4RFqgM%&fwsx zDKlVbku7J*ITc|p0Pq{ zs(Kg*EuL}oxPCR}dNplv97e{aX}d!{$vU5ioxUjcLNkofZ1oB2nUcow<6qIuL9J|L zG!Ne@Ryw2%B{m-R9~RT^j#1)iZnejFX0zI^Zd+xZNM^U0RYJJr84R0u`GJ`4IRd}1 zPmO#8Ra0ndZ})4w*n9O(IxPA<_QxZG)cWYayHt0qG z4!;UB;Qlodkvr?)dO|&-kW?h;_h_J<99NcF21Z8WM(U;zSE@x^%Hi#*P|Lg}!g7i2 z$v8Uo1`~a`gJ{1;!5*eVsfu4ABCJhcDAmQj+#0>eXHP8)euLYYeR@;7Hd(1kRrxaZ zZgW5D|6%HyqvQOdZ7^{f+g4-Sm^h7XHf(IRvF)UB(%81G#2JNa*86+b%=gW` z_u!th&)$|@L7~5nQ}Su3|INvPYz1qE;y+uFft|OX_OCq*)w_S;Ch>2yTaJ%629;Ih zsA6e@s4+q0PtgWTQr~{ulJ=2{9&rpPwUDWmEWUo`Kb|`0pNXi2UeV2vOy^46S_igFDyyadPxDrxA|GgU7eE}z9*YO6z$cHt&D zvYTRBm(c*%pQ>lkpE#95KF7>Sw5lSEm2qJpN8k?%NCoIdSjO>5kYWD_z9P|xgg?lT1Vg!s`!o3jE6`2#Zmipkb?MQ5 z3?y(G<2QRUQfzAIQ23T@ayq@+?N$Gra(aU{WadqGfb?9K z{q$_FS6bKyp&v*MuJb~mBRlwQApzPMS2pX!ugs09keZVB$cx)$tmf{LXuWj{2QV%H zMg(+<6Xzkh!h(>`;G|??VoEy!6^HBHrm~y%x@}Q_gb?y{Zn1q$e9={L$PO+p301dT ziiJ*G(X$m&DOSssT}LbHvZ~+c9lk}1ZSSFM0I_0hyon5!uHo%Ajww5@38Wv`Z*+&B zJh&M)7cpbJqvi_TT)0v{Y+aV!TuLXndO>@Hwx` zJXjQ1iU5jvuWi3cLIEoZ3JOC>OZLsvnAEh#jWx#${LS0RrnO7)YNOd+xG7R@&{RZ) zpGN1?2cZhn$m-tj+dZj>4~MbywGpPumFrT{?1Z?k*-oXuYmQfZX&eXoRvXQQ@3cNu zurv@{0sd&i8DO$ZY5+Uz03O(EkIyVOim%jCd3kxJASp3chw0qa3iYl_D%htG_So{T z(bv2$k0B{Q)Y;W)2gNfXq1U+ODo16H5=RO`tSoGf) z=N6&Iq1C{vz9A20%bS?%TCt2okqHX7`;egkuC`i1>?_8Jn`A z+cqJbliAjcARK`$8kiOCG=FV7Fpq|MtWUeMKj8DMAlo{Dr3rAp$DIeU2SB(@ z4 zTO^N$j&8DXDiq!wg>nTMP(WOe+!_RS7<8K_f$G2oNEB{ejRcAA03bk2D#;@%#mNu* zxb6C_!i~nv1{ga>A~)x&JuU?9yqFK|@26 z5jw?}$fX06xLQq1svXT={Fn?Xi)n~xX;gRn_Z_zbQLi0ySm(2OX~{?eD@i?7UHTlK zo3ISh+`bMqfGC+jqWA`#JJJi$2>GE%1ld+4?9uvVC0o^QB|7ZdV>e{s`_su76D1{O z;ay$lH-Ozwuo2miANnWg9^|o^4$*=!{dyz$=-q$m^x(lMV;MR0R+e9ag+VJ^Xt3F7 zuIb_7QF|7_bh3)#!ml9ie=v7dqc0g%Kvo3KISHQ8tlb~y{%3iGhugZM@|XXG_^$SC zVMj#>?AqtFnB&%#2wUxx(cpn=2#5&(-l2e(!h%$(EVw0B`X0nuf`*58LJzFhmk{y$3H9& zF~Qv=h2aYLraGfL6iB)m_KDn|wr4xNZ)T)=q0}SDlnhWc+gvMj+ugrycs;Ja@QM?r zkSSfFf>!miSQF+59ySt}PhGpo%A_?tF_8j%$C5nvK_l5KhZJM)feSL95oqe&V5D-<$#7jw4xc?Zr!`aa{9?ke4 z-M-9Kj9SK@-!{L3-Vp(Gm}jA=q}z@JVaGECbRcAupE9GPllA!ATBo*L3hs#l6a_z; zXIU;*+cZFEZvA5(ffA6Da6t#{zKfH7y@p*l*sah;o#nUVBO&k0j@ic-NmK_j0OR1` zD5#73hoCn;#X!AllWt}PJzRKQOc*_Ev4dxZsD%f@>9SJ?N4zh~D%J4q>bKZzn<6on zltjqo32Y{xo5Dr5kb(DhS&h#sXBaJ9!S*{5F0NIyg@uKzp<(VHWVP2S*k&jQ8IpD5 zbeGu5pTcuR@@5ZfEjPHXg+`=lsu0IAY$ZMwh@k3?6vC(G?A)9z+@Al(yV=>(b&`)n z3@t>sFrlQd{E~~iW4-l7M7IC}c6f2f`C*IgsX7m&ACMtj*hj>lu0XA%-ufE=1AI{o zba+lD(jJz+pn!nxg>o4z`OXEZq@b<7hXO6ey&07Y!9^r!>)f(^2)(i-4QF-+3g2~_ z%%gN$olF0-CS6?cqVif9U*FDqbpw#=>;46@*<;a!LOmBI0EnyVmkvQK203xTKDrgs zkq~Hi$frT_ld~I#2M5WWi(DXowZ;2yr?XmSvs+0a9+z$Hn|Ja#lA*!A9Qq z@2s|wK!7Mw5}tknjMM`VND|aX#z*7F!op^`X@JnkxW`}^>pO( zC^98l2xR^{rQ;tL)a3y%g$_sf*rK^0MLAZ-`I1vlf}eZODn$w%7tKUU0E~dv2v7)X z<>OjmlgPygKqZ%wX?r-IIGmqX)w(}#Dm=W4BHNOI<-Z?i+X3g8?WAu#B&tjL{m$}V z{ByzoceK5H>)pcrMf{5dybOR;SWNWv?1!_nvp)-zK~57M))_<@b0In%sfH8hvzW=V zAmyV5IwRO3phb_6OLSF1O=b6}{Rs_&PlC3yyYB>;r}ua^OA8rz1P!LZ$C7Qa!t&o8 znBvY)fA8HL5bp7*NU56S{8ebqJ zNc1a}^YRtPK)`dl^GYd5#UF(=s=TlQN9wTS8BM~o%5xO#1%(@Jb{x07OD}<-#d~2* z;Enc->ed)b8L_Tv*WJhIXz%#LUrY^J+))3Vt{nb%o4-~*C&oDqivPlBu>Xs2veEBL zi~!z)~)^bu2Y&_MGUJg1<`{w$@ARymPu%RLe&3?<;>KQbGdNg3UAQbG!#7^l7S)%ew zLF~OY%!qyo%M&nv*kM$>c-z{o=9v#a;Q;-;)BC%VEjw)R7rwtP4TX@ZK&-jNRl@4^ z#}@yM3$pLG=uYz|c8fgN9thbgRS1V5215-bVjfy-2KtmlOM-{W`7 zPf`g&gaxRz!S#3zt z#2m>`Mns4F5nfJC`E-t_X~5?L6xcGv%l~kCzfF%hVjKM#qnEyh4LeVabuN| zAKBlVYLr(i>m-E>S+GVA;!KJQJnBf!(g=S}VViA!m^f0hEbE#(v534LA#WxaYM)<2 zoHnTdRJdQel{?o@SNUCdp=}9LzLCSEpWYLLd~h=n$f+%wUB%AeAYol2=lwgKEN z4NKCtH{A!z+pO0Zm``Prh(SLxQc5(bl}7mR2!eM7#rJMX-I~jro)pB*(zZ7&=lJj) znD!Ov9dr^wM~Vhz$ZBgBm4EnVq-z{N*7i>PlC6zR&d z4Qcv$dInQa7i$)O5jk5Z42r}T0H$+&i3fr2Ydyw@q?_X-H|GtH7kCKn4H8Vg74MH# zaY;{QXPGY4vrrw;GchSn=ES7f@*xA!R;n+MXUAnz&?1d(*JTU8oZy4jkr|d-O6Hpb zW`Jj~KlVIT8Hs&Yn{FiqWdw2~(%p5<`?s*2ocpw@4gI&Te&ZkB1CLrtgPpo93XL|a zIx>6B4unC!QSHO61*@cC#kZ7{oi~dyQFht9MFUZI{hz`T7Z7jf!O(RaUn(wL;kbal`&@^e3T> zF3TdhEN)%KzWVX4lxV^g;OYW{*>#}R?AO}-{sDskttE|KP&}$m?wM_q(tzs^k|TkL zl0-cHD&%$jEsfi*guP!3Lrwe-b84_SnhLdqJHyXWOH9cY#SC`QR?z?|D;w~_TAf8$ zT%Pi-ai|tW2@+j>-)uyJX%+qsehPYaoI^g6r=oy*QR0KibP^$-ZBqVbj}&W_$K)my zP!5sn2v7|uC%_gcgH06k7dP7M%qJn4r?N3;PC!ON0Kr|Mt7Ct%?8~EKDWmZ#Dl(0X zOt6`T6|s$#n@c3!;EfdwdP*xlUI>uw4kBSH(%Y#@DP#%4+$7jeY7y={wshA{Kong3 z)~W_85+wHCM4*T-7+DaztM4}*YV?Sb$kR;W32}LHpT`Y5Taa#by)eYG_(Lew>F5my zCmj!EHgbY~`gm(ibH37uW^c~~5?4-S#{?&MrgS2M4v|%|(ozIEu!#vHph^?_9Eg^d$r8N1<4b2O{N8~?R8g4|u}O%8 zSg6#qhJ%Oi&)ma;z*lV(-~Ud z{@XgmP3v7khT9GgVt4(kvwydI+dZks+g;JUI3%SYH8e^st0DbeJGjL!YN2YsBa+Bzzich% zqMkwF!~+CROiTMBdAtTS2gt}JR=#lzIwj zwDGnJB7&bZkc%xQ)-wbW!zhq>Ll+$@CRZkpk;JRF1bZ;csEvR(npaWmV`B~1MPSQR zW$RI(@BKP7cwe*#=2y&SUPB4b9R#n11jn-n5ky~P3-mm3bH*BP9g$mXD^!Dg33J2{ zp04f0))~jsVp9EaG*f%blYg!CCaM;*MQ!`lct{mcj}#q+O=k%etB)DaWA9>Q!q6r5SYfJKH9d#>l{^)((jswIYMy;fPWcDSirk;1Sq*(L7kLumeK5;f59PfV z-4kOADVL*X+S5KFY3l>ETcg48wGqzF1pe9@>UMv4`+aX6S!4KHGfchpoHD#25~V`_ zMgCMLOIbehu#mJQK25CG12G3O^tqv{9=AOma9`Ym&}R%dMQ6L1HIo0U2|I6%%XZxw zLodGN^&*Wi>&oFCocSFfSfUDknJzfE_UD|XN?Hl#d_-`B0xk=#y#-DkZLNq_8Sn zxI-9ZZXKzTgyOd3!YUj-&9lFaJ07oPM*IU0VK9H4s6`yekBc@~KcYUFaKx$V&JlQ= z&5Cd*SG^I155bir3jCg>Pu5}^9L*ph*PSlYW~6ewpN0;f0b@&L)3o zr8MZfQ__s4a~P{gt_x@irYy1*ytxxbfbTRz4+0}>X3`(nQEqIf5tMQ0MZDp@$0=6x zWwBu&pn)_4Cjhu}tl@R1$v(bV!}_JvXD|}a)SCpENRW2bm9RgkSK0%u%n4b%inx~r zL15$4`Pi@<;jh^Xz^T)gk(^616`WOiq_oy|&WHD=a|ItKu zhp07pk`LDH(odK_U^Lr3Pd?fFJ{wOzUSPdR?biyj|J@cz44J%WNdDcP!~i(V4p8ti zf09XAiK*JuNf``xCOHvku!YjEp}!oF;$A)18B`y2Y5I4a^C97|aY7;nxAKk*(m)vUSWC5oY;8*%Um+jYvZ%2 zRfWCFG}dI@h;x5g<>wA3g8VMG*`-;d4}t$WM(q0@_$}cL5--^WJTj;t%JhXhQSC*6 z(|)B{_eyMeV1M(+IK{eZv8QuPY}dyzCBQq9dEDn%;}kLN-S6|A+~Z?J!W~7})B!Ha z(2GJ!l^H$3)&u6aGk32B(ICD93{Xe!Pi&+J7*qQ8k7;!85EBTv;hN0k)m~|`f^y=3 znDjoP){XS4?^YGw9BHf&jjY}1(D~Wl^T|$5j{l^tS8jj+X>^3ohbh927<~4iP(aiHGrBbwvC&i<{)>L=BX4J3HIJEK$V>7NKmEHtQO=}cE^Dzm@B@0j`aAe1eIcIZ;;cu)1b8jrl!BjGj@Gkrk% z5w8wogiNWUY;A7&&*CHQtk4xjHk%lf!2e zXO}A-d9#&?S>aWb^)LpE01NFQ-56Ladhg2ReGiHZaNlc& z9^b1CttV%BMzYv&zFh!$YGpS=^wT?dcRKtraa_lW*_Q|t&CKJ zAN#NclNDb~-ZfB5{*{f@Nb`p<1Mo?NCFs8RdfIoi$+=z#(may-jI_56j%gTFrCb_C z3&1L~6NBT_6~(Z9*C3O#p=Zzd=3_J(OEvsHOfzFl^OJ)Cv5Yj$7~=31Ycf#+7*lKV zNSbi>v{#B_f_9j<3`wVCC(S6(DBU~us}WZ@Q&(R4t0JTIN^?+Eez+6?5C=&2ajG%Z zD^5&$IB6iNB;NjZ+Yp1ovOfJJ=?j&>hftH>y8?mQfQV;o>V_05<3T)oL)d`U$qYsd zYi^Hr{SKpuQ+MbW^s_0rw2N?_S4nv*|d4u3$ExpuX^ zJ1@Im{@=)(J(Do#v?$O=u44E+SS2Sj+h_#Z+~Q*oCJKll)NuM8_bls4V^u3;5XxY| zex$Rxlrx8#LONm`;KTT?a+on_ZqgvwlY*!J+yYI6@1ZSy1_liq#{3>;DC51vE zueIpbJ^Jz~fO9HGsq3H7%@qG_u%p#2xk>0{)aKQqp<80{dEZl@*#5F|u-*gF>SqZS ziyqS46F&^PBN>@P7y^r4hik^jt5oesZh=L%Ce1m^2I#gzru-u75PEvrNE{f6a`lp}cQ zuhBIyW~m17-|x96-Ci3Sam_j0eiWAM)WrefMFr+t(Se_2@&i{~`+e&C5FM83=D(5Y z;Hc5ta)M@oXC*YV_2UG&4|P_F=717ZKS77s;Sf=gON<#L@vEO0%5Z~jM}s}iaz(!0 z2ar&6%q(Uouf44TvM=#)w@+d9PL0;GD}|qhYDd|p+nk=3INXg!G>g7;s;b*f%9RZ|GrB)Vi@q2vp}3$dO6mbZH#t;t0N# z8o|e1=FWR}{cz*CkBnf{Hb$qRM5sQ8{OAZK6lle3NH|eYnIB1{j3n}T>f~WYRp6w{ zCvBKvF<(S3;}dd!5qvT~5Iw$TvGPMAi0sYN8+30rU0q?Y9lo}o&bAi=6#19W5GVYi zBPY*kc_(qw@4W3vVP+ssI#{Z#bUJhhx~8H~H)#4%OqzgLVpPvpQ;^=Di(e*9K|@cm zq*{a{V*4cqFi1@0hlVVvmgB!^O1)>j=RJe?PMJ92(`^E)i_+>A#=N;6AvhhW(50N- z%D3YQEu{wymq&a|WRpK6zJL_~IFFNDVrz*!$+&195b}0NgVFG3NXefG+axvKvCE}}~A@ac)qkzhwoE``V*PVNRF6NopSS@MANp7hsX zq3-5<+3%)Xptn5RtPie`Q^IEzRTA%4v|?qVvd8qllF33D8vs9_v$m0l9ykT|&b<%=|R0o!k4JZZb`?*9WCJpYLnRxinbDrdw3EK6PsFlB>9 zn#jFY>e-N3A(5P^2zz}_DOvs%+7l(F5!ZE0w~cYF4oteEgG z&FY>Q_PRic_IFT=C7|rz8gp=ZN}|$8_!k&+H%gkUVAEOZQrC$Lrq;I^x4^Q|f1V*s z6tmZ<(QmmHb?=YTFp^8%G3hloht5R0V%a*lVWP=HZ(PN^LanBVmoUH8F;QryY$Lel z_mX7$0x!idV@-#(enkkut$EYbS))SvK$p5(=20allUX&$mp^ILETM0PA2uJk^{Ts? zNPb~#s^Wqho+f>dOn1L=mb3DDu#Klu;;GY^Dt|ezs*C!JEcPxahF>OQhr}| zb=1DwRdz<>>xq0;qB4*D;1iL3COJM?tLaz^v0dQop7(*XvIpuCd|Ps(D~5!*W931$ zHFp}C*HilhRtIjAw_atZNp6c}6X?{b`D{}~qqD^ihs$98$<=mwTr1_=xfBkIgut9A zvzfCUF&QDydOVYt(~4qh&>;HiJEC>IQ8E$kGd&gV-$n*%2I^Vp5Bbc&PVeCotcem0 zC}4l7J`E-Z5$0vUt8XC6%-LH4tN9%^=}|C;8l}C+Cn{B6zgzbdRN-O22M>=O9`&-Q zaw47LU@A$al&v^B^SQJLZivY>+Qs{sAQ7mQAUZ|#6}f|zl-S)g4HH_Xe)FfRA=ftZ zqF=MC=ivm~f(*m@*D}HbfB&T#6_x!BP$}jwqhd!?SU0+MSJk#g3bSOc&(L%n8?EsT z4wEmPm{2b@uaJ&1*7jy<#?F@O``pa#pNRXJ1`~V;EhNHdRuRdS7M`qXh2S{>&~K7$ib255l@F6J2$#sXTdART;YT zm)^P}Rc`Z!F(yaq($1v^Ck%Rs@y6VL6%4w6-Ld`Vqi+(q$^f9Kce{YKe1IwSQW4jR za}k8rv0;`&Y=Fp`>jl9Z@7G(V_PShq2$o_~N+B znBS4zw2U$?aD>GIhX^7wY8Ls1rg(BABuI(e`F~8F?LlG<@f>Ex*0DHdQ6vQDQFy2p zjNBb5_gtc>yk=(0flX!>tCEC}zsC#Ztse{4qOX!=hYN;Wk}y$B)+nHdMae{Ez?_%^ z1Tno|khp~TyzL|Q4qnM-<-B1IuZdM`wR&t2gI8N^iPsp?js0HjqFeRqi6nA2{*}Ww zw$-x zG=U+lPFE1{PELu~qKJ#qhzp3Kb%G}IkKnx)v$gDeLS@`hC%-6|R;P5x8eo!dff1k#C@Ht;+ezs2N%@L_CV(Z|v-LU}y&QeZ+u7FX zpb=F;!uS4r^y;;Rxrt~XIdmWo-zLQ_lvl*Wss_%ZKkAu$w@4b zIi^U!WABGSs$kmg?CA6G5BJ?vE?8puD32rZn)@D6#X5>F*^QZz5=Zv9spVgJU-;2v zi&Jf3c+An-^Q9ERVCEJ7T=AysNPqu=3w}{PhyP4a!6_XX{yRL4Q}&HxY=yom^T0^) zl1)in$2bJTjXV~sNR=2rVEETh_5@jXn&(6797F0<#MDguG{DOmG)RN*-5g)Rc=FYQ z1noKj=zB9jmw?hKG~X#jlnVKmSvlHd>ZHFvQMrzF^>l2BB-trcwgNna7;ebecP7T zVr&jy7U&u)b1=al|AAh-rn;g#gJB(JTC{5wnYu(z|1`x=t0pm9&G7=Ln#p)@eMBk^ zo6s2ZK=}jN?9z}8-|)KSQ}*lES7R<5$(SO;$MlFL;w9F)1~P5d4J7c=g(TW_Vh~%R+lZ3=#EH@F#a+8_cQH zU^9=06ZW2$>J6ydf3m@`zE78nDhvAFk(@!y4biX2MSg$^$KpAB!+J~6aR)MG+EpLc zwBs2gH@$Nas7Yhq5ux1!lN>Ne5@`(NPBIT~<{gnVhnf|lvvC$Vr^f|7VJfZS-Zd~Md6C&&m3u+xR$?gO$Jp0FXTlFYk=U2mNB4an@w_R4N^+y#Y$1!ha_zdm&3a1PMS+5Nsnk1x-P_cIQR0QwHGns>vuv@4Y&t~>c;K_?w693wJp&Y4${vd3iieqL zyZiXDvgtiDnY5XFFJg{uVi(TrusXU(#A}M`B0|nu85Z-j$MG3aMxdTX8o+-Xy2edpK#dH^Y9z7MB-_v6{r2jZHF!i=i&(?WeIMgu)mO!*(2K5tIH9B?VU)B{SMVw2<3!_N`KB59Y?=T4Lg z!du`UWk?U)de&%J;l*7jFMe!jm`1W|e4Z3io8BgOEbUw7d*D=GNYu%q;|-6Fu%Ip? z?ri&jz`_@yc*}obnJgfUOQ*1EiamFJ6KzO+u$iK;fP-BQx93Wy(SdTU185 z4qe<7Gk)l`Pmb4q0g%S*8VWbd9RO?Ug*jVl*dn~&u9EP>9(B5n|+TD(RRdv z?1Ni#MS#{h6AW@r|K+*YE$DIX|5}j*11`z%ldn17IovRIK2FveN@3wS4)vr95Y`-4 z2Kb_d)4m);yGiin!Zss8sFK%J4|4?J{l#DX!U`JsuTe4I-p=bkGVhX%GM(zo54{^F zKVvb%ZlF|icbR)0LN3$TZkRVf;@Uk0K(rrRSZ|+i11eOGTwK(O zoc?RdxNqlOLez7`k&SWnXx~ENQNwuER`o(N3)9-*u1es1DZIiQ#FnCX(s*nm-wsly z46(C;`S4XbU46~uZx@R~vCl`yboGU)J-N+4L-Q4i4L?1;5PXSR(lulxBEbNf6O3lZ=^RXMFpHP%nzs-|F9>iQirzo;dZb2{pl9{BG zA&u6uJ2vHagAWLsu=XWq-S>J&8Wd=A5HACyQS90{o_>+zuBM?Zx!!Qq0$iuK+FolL8%9a z6R7~oMEoOklpWLGj_vJDX3iLpH-*NYW^C7643c{QtzMr$o>nH}Y0-m6L;zmXF_Uz< zDL{(SVI>AykPh)&{1>#R2d^=+sf~Qc&knZzVj*v!@70{pa8ZR<6mR2G_AwQ34@b^r z5v9k*04Q8qV3v!-_~h2AB#`&HviPToq+?7%jN--EsCXpdUZMOf>JXt&@Qax|GvZwz$5GKM*JL%ifrx4bO8sC$_3l_GN%>G zBT3wbETlu(f%?=lz%GygKy!xN+!bAFv#_YkWl%9X`9CfIWd?eGxR|2lvT%XFCcKIK zB^;`R8C=Nm#l&qxsWUA=w$T@rz0$~|Y4vpI=T*5?8%$f}`?J6K_^N3Nwa^DEH{c>R zX)8+S$-clVEvqE&PSy9a1>TfNSuL+PF>An_9`R>a1 z_gC0D90&cW0bO?6D=)bzanZ593 zWw5$2AoSxY%M5wAFvvMEuo%ltAsooX50YT(5)>;C7{yc130*H!WA`Gu346Lq0hmH} z2V_&?LZ%_bXQxW6_yxT!iNi#qTh)N&QAv%WUJDkCc4qSzcx1IXp3Z_Ah9=>si^YGK zB~aYn-4Wq3-7W;_fA>s8)jAQKXoF!8(Q!n|5OU{++(8-bat5|f3L22=)M=MbqlWmJ z8jODZ6>56<7c&64BP!i_&%NFz1OW_g4`FJ}0_($+{=pf}kT(Yb7I3oA5OfCyXYQFl zq4Uta_65SK>8b9^?xt36tF*NDZwD>Gc#4&AE^hErbD-c6Q|spz9D3#*!T9o;&h8zY58>(@HP_|Rt_>rK%xK^Xwva?RJ zLm4v^+Tx;!57kr>Ns>-?9VcF0zH}iN&#_0?Exn41CQ}v?$1L$E7VjV=K0VjP&E1@~ z+z{3xs@T_*@~r%z1Gbi_n4(G}BB)cYt{-hrYkGn%ytoY+t2OK?GZBID~DqK@dS220TNzTmeP# z#P+q}sC^g%$0eSgZ#Y5;1Q2TDRb|9W;GxNA`spY{J3BiI>0q(Ninfjyi!-beHaFq( zMqhyD&GNcPZ!P*hr%nkl@o}RzA?DUE0W2doa41yir{$u?10@!cI8M*5>f1}&oWyscUfC1eb>=gyvA-3yfmo?;_`bsK14!$4$#grYC15emUA7&_-bxK$ z+akt~{!&1Wc9<}~%q~3iB@>?NGAn$kR!=YzB#D&e7AUV&Zx_94nXOiRVf+?c?zP8R zHdjRlagPUD#CuOq7l&w3e>wyERGs6gr->7JkZ#&p>_Q{N+mLdqfqC*6sRupnIDQNy|a=nySq*a%_q@I*%lADh-=C za?@U(A3l}Zc+wR5Px(UTPSjp~`^q4er zV&DE!>;17THCte%^4#S286}s>jN4-|sTJ(#CSa=CX}l`Okxx4z$k?Q2tur@Fxh z0wIEi6=Y zaBo!kofo>l9SGuPx0)@WeQ>ge5Yn`<)kHHgnB%oOXw5vcS+22-u-Rz;re3KT?Hy+( zV$P)!qYrA)LL`xIWlD98uFmF%`>&D+v!Xd&WD@Y!8w^Hf`L_o}WmV?YOc;xEW^^>1 zleO!i-kqJ%dmL79nJ#0?n)L`E?9U8kJEkj3csCDh{7S_Ev0oHN5(>fbkY=Rau~dfY z>7BFr5Myt6<=maDFQVK}>a_-zYji-)ok#Z}o1fO~QX5C~JBOXkAUrFKNgZw4y}$TK zbg%yddR@5rM{jP!#zyM4WRiToXBdoZ_raL`<@#FfcV9d#q1i~>n2%o=_W17hNePmD z18lcyNJirA9#MU-5G*UvNT?cZw9N=GX>Y$?L2LQ!kt&EwkjqjfsAFT>!v>8JW(wdl z@VVI}`E}l4J&aG5G_bUZiM2}|M{qk#8F7hzX7{ z2pTD_#AIkMj5-IEm_pjkd_+q5HgW#XpiOpa>fYV6DEP z80`X%JojcGN=e6~gr2q)_X9$RgLqn6REByw6s-wx}!vB2p% zLXe1Jh2B593MCw>-;St-Qe3yUqiy>uIqh=N;^KnOnX8N!@r2;u;9Pi(8m#pBsJDWB;Yl6`sq1^B3;a0ltc$%7YZ7Q;>vU;bUY^!o=fABt6I}&;*>!z zv1EWombhr+PeBH|?&b`zm=YhW)Z;VV=^vTJpev}0C@#hhZQ{yvv3(`sTWvo%yPj`& zc}C%|UeJ9?HphcluJEE5ADh$(43DT;=Sz=$N4kG4-2#|Bq&al&AsV>riSa-^*7-s_( zI~`Uob#>Okg*#GdxvW0V2ekd0_E`6Pak-il_8%o~`i@|QN(N%-PRbT|Rvvwr0vGC6WkDFEEPo)Dl3T*x~F%gx1x#>x{e&dKZBt_!9vO^(k4)N=g~5Qtw$G2Q#H&a{HS%t*f!I z^JI!apXAM}(1*khqkgzo(#O#A(T_05gY2R!j`(UZ@c2xuhjpgvLh zu7%&{sInY1 zpdbTEX=xAKL{g9~5+m=}pO1nbO_ygCDa&1~aoL?y0nnVTk}BH8WLwGqLhYEbUd*~EQC+K zbSD*PSHe4($w!{m=8BDsqR9{~;s1C@9wQLep3TrN)NSyBOkf&lMX)NPWvlP7ZMoRl z@zX6dHZ(N4OfXp_{}KZ{8TTv|lGX%(bMX)=SFi ztsnonG)cGSvU|wXL8Eod`SLzo8 zbWnEkCN~cbTW+pNHB}dKuY=CSq@=Ri!#0)c-B{m3h}sY|8NkKyvBA6LH3p$=ep=~B zaC69mv%zmV2D5=GH@9jX2Ff{%sU+{87>iQ9alJ=4AHubd=}CY7SdoW~V)$~iVdv=P zL34a^-C~4539BHakaMwH$S^BP=FGl*wRwLPO~}YOb@FPCGdnVs1cmrOs%z^sX(tW} z3SLL*y@_Gc`3P`1ADg1qa$E5LF{5#zMtI>alkpX}OEeD-xnj?_t?*n+buV5zUAIs; z-A^*@!KK^&7g2TL;V2nM|t>NQuqxUuk&5cAFA&h$*9 zj7>Y<@W0EdA&AE`K5k(%|HC)}xp^(EZ=*;Q$N=B}m?_hz2_0F8i1I%_&h4I_!l7CC zum9s#X;gj}QE{HeYu-=x9r6G2VtmFSV$i28Zm7I)SH6G(=l!&~aE694m|iRxT~j9q zGP4Mr#gfRVFsvV?)C&t&`z#E@!m)f70WOxUuI|n@stc*l4m>O@TAj~_o}BL2v=0SkHCSlIqx~qeo!(Z;fxtHf;KLa|HMh%!c<+<)W7(!aKzneAk>TF{ZUGIm z>mmfi2E@7$!ZU_wH}5CvBe*Hga{>bZ;eeqQ7T8K)1qG`CcS(^aY$N3<6*CauzWrs8 zaW=H&GRgq*VPk73xK^`BsgxtxupwEH{V*Mm7t(e;kaB3)AU(cCG6y0E+MTbJ-$ypN zfe-a=r`=%f<`R%$&*kS)hEgPmK|y^_bg|J2XK0MACq$CXO%)IU#p^TKeqYuZ9LE~5 zx%;wDmfam|;{t6P>3&1KWO~Qe{Em@11)_isUlp5Q-FGVi2!?p_I}yCM`DUh(KhDbW zZnUocS?hxWNJTVqZr8I^Eum4{@k@-kj?Sc_-uZ8JzFaN?Vc0fY4;ru6z$|Vm1pUQ zRI9T|s+yr|m&)P%T#mYlhD~;=_q_ zoIfXFt+vWT+1}zNb156_uL9_JD$S2jB(<)+%?8ZXzEetM3BX+^rzo$tb4W?)DaQOk zMH`2JSDdF&5P8eEci8~3Y%!TSB2Y=ZSM*xK0TVIVZvNlY9S z+(^km%0iisu+zikl9qJlr_ubt*5P5r3mME^G%g!7_f|ct;$6|7sj=(iE$JhvQy@SM2Y zX6C-v`u^NCLsrQOQg=Cm7pAr-aq((2<|^ZUNOZQ+L`u6CBQe12WM44^jLC0%`D(7# zaso3yZKOoMw9Mjd(Rry!k}Ewellp17!E`lg23os@imlO}^Ior1#@=4d_^9$rLUMAn z4W`Y<>F-r#h~Q+ASP{Ra8b%C76feoA6*wP@MkDybZf=1gR&F4E!JJ=Tx$9A7AnImi zLr@UwcjrR`YY_dHDL=24U4wtEVL@+}ocb%7#ztWe&g&0l)HFk7VOD04SN3?5PN-A2 z;cF%CrWm+2_Nvg~Ivat%R7`}2*~Yt z(01txy&x@(kuPMSY@*+z_Rd~D3oNdQ!e^TvUqPJT`lAt74{t+{zZyES4c=iq@r-}S z4f3m{Z>eOc{w8WQICRC>-hzI3r^F6x{J3puswprLJLVlOwx|2#;D6$wvO%#aNR33auwF}5Q6dNt$AV>;x%?b?2k&u=UXh)_RbqrqoBi=%5pL>OeQ1=EWnSL*uhL^edU9r5H4-*p%42`7uf~+pJMyuhc5i2^oOg?0H zJ+E<$vH}C=D}LKyZNQGf@t5%a6gB|=Tc%;dRAWawZ-M6!G(^qgSoja7gcwSPd;W5j zYLR+d(yLUo1Ay0d1Z-ph@5G#fW%%(znT3M!+>CF`iWpe9H_!OIa;d(VJgFT9^Yw1gMEiBIT>@7fR zgLiQ>_n|NsM2fgf(MBEZFwVO|xL_M}>!#-Je$2HPEo~@0%F!-z0=~sJe~m#cCyh#j zpS<32Tu_hcy?dFq+I}bFycXPwH@=)MWqy;=H-&`9r}lLill_dEsKNgUTkDK z_XIpK5)Z6-w+MvmOCqg=et&$YUqwgIV#iY}v$%&RH^j%iZ5MQ|8p>7HE{CV8;#*u@ zE_q3Qxy6~!w1}M2e|9d5^qFDeXKEOLli+J65Kq zn42q@Zl!j&N3~jc6V9%(xHRz!?h(_WvIT8lftSzpx)Oq#!u|Z4HsJig^j`j})1p_K$wse=5Sn4G{c;^=+FX zmiGbo7n4c;csk!?8f}I?{Kr#UD%qh|=IhW@4s(AX#N67DbPPdk3KE|#OoGPYrQ||! z647sBCE7LiFm`|>kMCXLP=WkqC1axLH~zscx+k!Fvh`wPU>Im&7gFjbkkbBM!*jpQ zBTQZ5!4}ZMb+XU-^taBI?Ah9yQ^~jDTmB|aTA=QT9;^Ur*ZV0pr!SEXOA$U;T%8gFtYgOx5X!%=MhNIu1? zbQMgGX(mM(sc`>ae( zM@9N>Tl;_Ay0aD1P)~p7Z0)u#*hDh%e=|@K0_Z7plQ$UMAO6ZY5E8-sORSJ=iGT{f z!J;2wrF_8e?c3j*Qp+I9NHn7#{s#)>Qe)tyx4P2u{K!l0?z^w<31v%=UXOQ^h@^7| zGmkX-XEN|s@c(u0cRNG7b)Ru!zN^3;$;P8mObJ{;2d5tf4qO8yhP2U;<6!D;_F;rg zma+p;p#hwT#)+lar1gRNgKbb--d6?uQm_(mDmABY6D}t8F%Z_Te+93nz3aC335}pn z(&E2FQ{V3$5hk#nc?sv#&;0w!4c5R4Q6j&5I3NuJZEa48Hi+1>rSNpKwZ-HQqw1+m zFIjKdR&TMO^n8Ct4YboTfGkA9ofyfh{woeX$NzpnSL|W)8(NnQ7W+%oqU|b`ZD$*N zGh*rxVXM|fHjBpl)u?zu(4&}9uEPq>;TZUv=Wx!)bK{x+>KaTbaro3DQ=ow^FG}<@)fGD4u+1k=x-cC zUavS3O4c#j5u-^_`2fyNPEikeNdJB(ima)WAoF~0As+STWF8CDUj0(7bGjq}2-J$L zX7Nh$B0*6?;>1BD;pZ&V>qXBozf-eXq!ZG-5<+br+{4qu;pFrPpCmR3w#5Dzh?vfB zuL_t>rylhhOEfQnA55{r`zsU|@l|R~Ny%m3cbekq6Niw7E+LUTvU(2~e0`UA`j?wL zCSGrmHxM{8e6!)9Td`3!R97kji?);@w2?uGpPs{F^?*AT?Cly93THi@#n5&2OFKe7 zXr=xa>(?Fq_vR)3r@=?v27e7!I1y&(rCEq)P|V&KL2*(dIeg+#j<)siuoVYn)0-uf zCowWy0kzY7Z1j3Bk(7|$p{UVK8e1Q7@!Ulw z{hi|>tl{dO4rH0?-y-0pjT%KdAU-?Q+MPck9!6<}!rM2Qq{KudG?)LRV2H`#u!7D; zlG&hDE=}X{SXi~0Ema8{&t_894N)>55-vSsa0eu|{0PQlbMVs^40xzJqQ^Or`Dm}y zSy932GMp>XH-kCTi~%>YTl`#aPJRdg=RcTH}rwb< zHpe0Hn*vm9P5s$E13nalzwxf_&+z@tCdnWPw>K2;3D5KC8uMQ)j^#2U3O|Zs&SlWq zRK%&<82BFiZqGNqjy~DXAxS6y47$A5Oc2W;`6;LNf^-zxLfNI;F#yr`>Aw%5g?zqD z&Qmno7WWzi1w!*0;h|64Wn_RuS~-d$TR;+y9{$VV2{Ct|zH68N2@5MMP=j7de5ip1AuEBvEK_3Y^%bQ{@&$ zKq!&F|7w0fQ&O#k#M)fjzDx!(gIGdo(A+z185bP>?P0gHV_muobL7#CL59cI&g6!! z15LQUl_nB$KK`PtwA@MviBWH zl9nYNy-@oaplcst-_%)sOJ8>>Vn$=$_ibO2XkXGdfoKNOn1>t!!*{zf2^4SO@BAky_pw_- zF@0JNiCyL0qt(*LE}nl~yzmBpVh_%dC0a395v`4t-T4@q2IRgaX+yGK30ke@#~=2D z?q`+c&Cb@vX?KBDLT8J8EkrUhUV=XM=OmsP7XaQxM>rGy`#ytdX)j;gH)39gqAk*H zkY0#0>W5c43Cci1UK~QrT?Nu!5I-{85?pjU1(`BLsRj=5Wp*29yo7ZBh~EcY#JH&a;R@FM^zDF*e9=8*za0jRU;$XB z9w5r~iZ6L4VO_nhRaEA6;0*H49R95_f*hHWsBXMWeb|9|gdA@*61xTI-0V=W5Os~~ z!=i&#pmgqRpE4y-5BSZsl`;2luAmG-jCFwjc^mKdiZ2VaNbdn~Pg*LGVqspMPfw+? zO%xjV#}|lAcJs2(KR*I%4*5}@KVcB~@(l|jT|kohI8a=P316}0R^#m@0cp%Yf_bo; zB7Nm1ZY(Y+pIrioA>MaA`ja@$7k;p{=qz?mbF!l2Ys!Nz%J@8jU6rODF(xp(;GsYV zpGWOR>0UIULBCm6=8SV*KMAh38FOYHo-rNa&lYS@LM0B+Nv~?nwDR{Vk7+-c@aQko zV`*d$>O_pAq^2_7#rr0P(=*tuQBZ_d+D|>9dj17#G2gkYzzgzQZr!?{Z7}I1zYzjX zID9XR(dI?<#u&Ob^(W)qQj%+HlJVz2*_TN4iS<9MYGRJdJ_9Er1-{h54Z5l)-4pT< z!~NEsp?w=rvx>hsYPKII{K9ffiZsqfehAUlzsZ`&24SC1_$?8LCFEUhK@6___Qt;A zN(oEeYd=_Iz2K@fuIf$CSOeHDbFq$kY*XAD55IBTi%t!%xeRHN zWcs8VpM_FAy9)Ak#*MC|MJkvJM`_H7)e6=bBorNUf9rGxX4yl-kBU=gje1Lr#l{(# z<|3-llt!frDtUrJWEJ#L7i)tv{R3pKW&iZ)Bl-IB3z?znCH6C0dJ1$&jQHVLO3(k4 zHyUj^_$Qw%t7bAZUCk?5e<@xtR94*g?)lwgi-WP7CoN9d%~p(93j<>o!IbRoUdVoUoo?Ecno}X7Dk`OHFOo z%gu0+MiCa%Bv!9nKmNsWY_#d8D_V7m#)y|{+()XZbmSX~@K>_@TQg#Ir0=D@_0PXt z_NaFUkECkANk^a9g^KBW3&#~!%s}XstUEuo^)-<3JRCbDZ1YdXcY1F79r!%lzJeB& zLy9KCQkwM>yvyTQGEq6bhfapC<93YAbjNI-_U0M87s^ob$3Fkghx!kkRHQR;!2%N^ z)E{5if?*FXkIVw%b=~gyj8qTk`FI74u@}aiSb#4-eh1uN&TX6x$*7#pF{qBXKU$~6 zXI_tH&-s^;A}Dm6g+8sgJ~r(#ylC;swrIF31OX@W}=Kp8&LQzk+}(z@f(3Tv_DnBNP&j z((qSvxTI8pVpV>xLq3RMT4uNtG7$mCP`LDoG}6nZkNc>r@NrSbp+Y)Oj58x3E|8bH)516EgCUUqE}?!uKR}Yn z{|Og2vLpN);1zZyuMK6GnW`4n9$+S`%v!?}tt`sQG{<9!@&(oTd6wxYk9f*Fa1U01 zKs-T_uwHg+ZqhtfvQV;|ABt0_%cALO1{XH5u_+a5em(EH$877HD2QqKHBXGaZ=K0( ze~7Vwr6~8ULqK$Him-)*O08AHp!fa-YcgSCS%(rbKch3KP@i7CJe1<5=OQN^@5q*# zmR3E)(3Sj&;@>^!|_z2ZYza-q4D5 zUq%#88s{T3jT8~1CFDW`wwoO7r+N8PF-|=TI-fz`(8@N#_eum~Ghpryt(pWoC+xG? zZYuly8-Fvc0nTW`Io?(BhK`$2$H@k~&X{UJ&_3d_Y`_%fDC3cG)u*JGvtW7ip`p=8 zhL@15`+NTu88SaBQ=60h$(vqxE{P@Udvhoge}CR9Ls))w<%_T`-VBo@n2?`A_bRu3 zP)6ivj&ynR_XhedMzW9-^V?$dsxUxyj`igjrdOPWRE5$f)G{tu@mP1eIp(NXV)bR< z%GcPt#)QCi;de{+hgsgPbV3J4KQ=428j&dc$%81+m3Wl`vwW)_=6d^Uf+4y=CWV;w z90`_nB1B&vIBBoV$J#zy|0lVUX}@9jL#{+B6w)z6V(spGq=8Or_MTb22aYoDi@if- zT7Om-+T`y(SRzvEb&~ilgqPk<_48T{am-1K%eDv`O`GX<{1Av6)AmKdHnpEc>NU#u zAK4L0f6YX@7m%wH`LrueSM@}5?~y6}O01Dd(ikYn;9!Vv=4X6q2z;Eh6?j^54NwjM zqdII6c2RIqiVp%(=8JW+DQUWnGXwUh+zBX1XB}h1n~Hr zaWi3Lq+$!SF(sgxysf~n9;G9%YLS_qyp_=N&lV(B_0n?~gGOawv}j?+TaDUS%1Ru*2f=+p5j>}VQQZ9>-zItK?w0=>Hqi8bzju`r3f z5%<_j2#PAdYxWdXITqa?pp%8p>q(OJ$7zkD2xs^b!z`UEiE9b3x1}4$kXuLcXzJuv z?VVxo$!5r;?xz`&Zp#|19un+cND<%%7A$@`6e>TrSkyAv&TsGq{emjJ+ZJbu+ij>u z9F@ft8i@IT{MJL%UW6e*E91^)DAK3vHeI!{%LygB%T4ZUcbmC@nAlP3L_hBF+c0}% zrkLL(?#61xi_G5g=H}JWm0Tfpe>zIn+QA__q(G1j-QVLgaj^$eG*{TFke_i`un?Eb;ZIYO52as}J%j-)GZ&6?EtlAO{?`KA5Oi=4|z*`ki z62iXjHrZF^@Al*tRwVzW1ro2uGcTnzNFY3%>rN@VpI|&C zGPITqygxoa-jej==C-`N4*|$fr2eO=VC<;_d$zSGCkP1v;`eQ$STygIx3^_6JR5J} z|8}wc1owx`ZXAfur=a^Sz>Ee5q(ECEJM2@2y58HnBz~W0FR-w(y}GZXi&&~=#4&V- zJ6|ZOLgr?$jgRUVk_;OK_jyV{NHh~vjYs#Fsg3hP{@z6-Z-IA0`g;RMDlvsmNhF~J zVlQS3Q5j7V-3ZBKWJZN5;agT!GG^*U8R46exDrZZ$ zBG5VJ@)6w%>f}?jPOtV)rcdYr%7Z*L5{128r?c_a;oK<**Xool*aJ#nD!~z?Z>{ZK zxM5ZN&_5y%pHlQ~GCS;<@QsItl&HHH?C^X)jYqO0je^OOrJ!#c?ATlF z#}$>Liw)b~u7&`xpAM)GXj?^NGYeD+8LGyvTU#DTZiLmFG>#*RZ=@m$-KGP%dN zv5KSzxtD1P$bvadvn|=3=B&jNdm$6KJ2?>>w0lqyI%b+`3yi<+ru~N@ga=Te)rheY z0P#N1!Ephs1^8N7)VR7aspDlP`&X*}s6rYpp}hv#I}-d_&7aFY$hcbs*l8u>>e@z! z_s(OUnUhKpq<6`#v@gz83%07L0B$5wUD`xNO(qg4XqOvSc2{Bi>2yO~(#brJ82?FF zJoFjOUE^kH^T}k6;~{wF5_R#30|vXs*zYy&WNTeD1e=V@ynW8oKs8n ze7RP}o};N&e`RsCdSlm@0IXD7r7MnBUWWV!NpXmW7*{k|M4`r#0e5KajyMXlCNl}e zY$JmF(o-rO%t?WBi|NcG+k8N z!3|!GDkmd?HDKH(`RI^h4@|Hmf0EZ?8Dpeyt6jaQO&&_kwzOwlr&g$k`ly1e&o#6; zvaCDLZQ^GZdvnBzAwZL>MZ!u*^r4a&#-jI6*OdB`V+NE!>@4p$lC$#0EER^K{?{0@ zCKIl*aECjkaGo~&nUybJP~8f-*XDL!YWqm;{;{u8ZoYdeqv^k3 zAKHe)#$1`*k8*M#?`mq7641jF>5MX z&nbV%o5aWE$|$;`XXB4?MYktG%gpOZgDScuGl=Sw8FW{>g9T=?0iSklj55mPcz%Mq zcj~I?6#j&F6D%atUvwyC#hYY^bMrZvdX!g+?#a~t$`mwx;ejkiXI~=x@EvU(xP{5l zj-IID!o-A}Dz$sI5UR>*0lbPBfOSqvaLKKkx~lJbH{6+1xzi!cui5Ogo`zwp*2+Ha z*LOE@oqM3vP??Mt==)?XE5WtCHtlCmT$R8p9~HW_7%U8QX=)$BJGSMs!Mvrq2){iP z1+>OJrUe`fa5P#pggKfUc2!#C7A^$ngh&czGQv*%d#4aSU6i)~;GILZq8g6Cz^!1e zjK~)GEMxarG4lwPBk*3mb!D%`aKl|=AR$P!b_47~YD%rWv(o2qk_m>wG42spWHJU` zspR?#A}LlwvNXl)L4Qoyf!EgcO@#645B!=k$D|(cP_i@j`wyV&1{}?!{1o z+MNx!+Ka3-Y8XR;!!rmMaqRHdxO+ZVXABy(V=S0m6_HjJ*tPfUrso_4Juyg`uU}tA z`^9_XtI?43xAd4gV}pr&Z!?T%AL8NG(rox#y|5{$u3Bm@DsGnD$&p?R^**%fPE0*B z$HswagCo*qo%7ETozx(B$_Aa}+h2BQ$Xfw|By1vJGDoQQ4;4{<`+YmU?+m0Sy?r|& zc+B6rskMPcylaw&ulaEE-}KIE0Rb?81v8;A+Gpqd^~f%i8?8V$)lNVtXn}`hgH?D=F}mZ(suJ z9x~j}+|RfAwLIiu<45F|C4e{Os%<*N=?91$pK!IC>66F?AEOC6P9X$LbrgV%Os%d0 zGD)_eExSIa6U8Z z7gO~*17yiQRrL5GU6IJ5*>JN8_Gx%Zd@{);j5@W`>zruc5HeS0^BoPgmCml5@(gD} z;}u(f<4~uP_K11I~m>ZF#=)8!YfeC=33t!S)l(Jj6(TDtC$FpRkYjj z2($Y*3CdlFNKuCcM|B4R`VlN zhC`8@OXoTMbgRi$2C4p&Pq2Y6FC{ZOI@}3A*bb$-AnZIn2Rv5}}uv>68Cf0BUGDa)YS-@e354|4T z&zXq9P@uqf;cG?ML?)J~{SG^8H!}(U9Kkn;AkH%gdJ+HB)gqgtD7TBPD7Wp@z9yu= z@s)gpB(Y$gL@5_&hrDKiTjZmEIQPHw_}^{Y#)*{u*y13VJ_C} zW86?X2e1&_p@CtI1N&DlW z=BF4v<4YH{+5LncH~XdHAJiJ6E=^rIoRr;Yh4#Fpsb5&bUv$!Z*o8=kC5V}kd-&e? z)rL!Rv{R_XT_U2ID`Y%M!-A4sH)&3ddopkrcK4Y%5n5{#Gkp}f_k3~kK}WF~cesu? ztBq&C-DKdE-Ox{+FYir zBd=uR?SaiI#_WZHt$Nmpzd!bOPl&MinaUo zJakL>54hBm;1jlK=@H74)e;f@q^sD&592w%!dJPH-`)zbS*X6kxUAP6n^uY}Ajk#4vD4rl5(M60 ziot5FX7`k#Pr7u2o-KXl2u#@7s8jvD2XX?2nz zz5<+fqN1-0G|Mbw3;2ZOCi3X>K<8|}K!9jKq>^~IsW+l?+cpqn4aez~n1*+O@b*YN z^7T@_5);3afBGo&1otKQxeYk6`viHv`C=$FjA3{ky3=m%O%ajuYe+q}ycc?%w#Wj2 z3j6?K@|BY%;#d;@Lpd;(!V)goP&N;Pe;n+AILL6c)S*@}Cs^C$Hv=4Q)@Boqslb+# z(+1sGKLO1~{fu8B_|9s-jQ5udlAk?VW`94r!i*WqS!HNmzBiy}`j$OzeL1D0RdG3R ztB=vggbvq9hB7&XJFsk#jVDNFunukm>p^c?_vRO z70zeL7VqSJT!gssU@$?VegI}#8EX*$3hFe&s0#(B@ms74cGz1a6)FAbBE^ z!*W+@a~F`uezv*cz3vDj3u#(Qk;5kbWBdv<4uVnH>>nnbc zQ!yY%UOkV`$26I|ta2uauaeRQ?@MPx`t#A41uk2aaRO1iXYntYuuHV5Q3G@r%58+= zG1_{`haLA?+fh}{>hEr)G*dr_R^Gv7y)n*yfQ=dF0%(f%((agM-U7bp5I)2U7@_9+ zS<5{0xF(YMN&HRdG8x@U$w5CzvjhuAJ(`O_TOf=H7Mx>QU;Ax7sugy2OXp~L>k~Al0CT9eCS8p>eSFo zm;?s)jjpa4JzE-4aJ6++FMnIItPU&yG!?;fPGrGUA5;rUW?SS7%XPytvvxGx1H*?D zzDQ0vzbR&m#em&}`w++okGq;2X0<`T|3MW-?FvS>v}%>sNT`_8D0S=4vNAdNE!A?QwA z#1U7pXh3S|73R?w?x|^q0F}t!1KCfsX3yf6Qt=;pR4XD8V@4~ud#JkX0uyq{C1TEm zlm*rVvOo<*jdb*!Yz;FJPu`!gAH=XtkGHfI3uL^1UJkZU9_B^C9vZ8GDju;^3Y*j< zcNvrkgqpvf#rdHFsLylgC=e&uF7p=Mi_z+0AkwixcFokK&%I?R7OY%9tpCE>zEh)@ z4iyFam~zIoCSpOZgQYhcHR={GdWJx2?l8l<9@7G}E<+oUK`pHRe=KMpKRJ+n@s~5Go_U1hEd%p`(JPU$K8z8k4@C7kMPUu`y1a_sz$+rXo@m&ZT>)_QH?OMi zNil!!yNgQv?YES&@V^UH>L2Xt5`GYd!hV9RH9MoalHIakfMR9u8pJbhTItO#vXK*9 zY`R~ee}6!DXWH9HOD@$5%3i^tsg^iRjJQ27&@KF_|Dig*K{|5sWmO?0!lEpSZ95ousKRTscta&IK7M_Rld>NoAh5sSIUf}wq zVe_kb_l~j$Z_F-8WtsR${CdqY&kL=M1B2<00U6}8T2XwXR?@r%gdy` z=YkbG@cpDoP?m$+8c}k0H{qg>^}y)9@5o;eF@`%Bs90&{X>&TX90BZ62DOl?PRBW< zydT-N5SGj2RUG??e}x0S1qqDX7$u&ia9(3!+`YKsrBob1nT$nPVkENF`W_i1qK;Ks zS(r7{Ss6FTu9_$L{4Vrx_zNonoi0cyrcTa<9Fqfq>Ido|U>%59V}aZ~Yn`S!W@D5p zI>$45yafh^2qh^ZsN6XEuETYtI)%-?@5ysju6ZLl%Hsr*Nc^AUmWfKa^h7VC|n6A{5s#-CM@=@CjR98uDjCQEOoEE zC?&g~=r507C_-mNt3)MeZDf+696dfU3tT*xcaezQX@Ol$_N-gEDtjTt`A!$b!RiaP z^CB`hvCWB$YQ76WNtE%3aCk64=ugUZcQPy;&ob1I#Ou2#F;M$Osiju)-lifsu$5VS zLNFD&*9q^MmxLE-6${fUMqDSMBG<8$-u16$2l;#D#bXpS2};4sG+tt5fu(1~S!Hp2 z)@YqaQH12$div;{rv7qGom1D6JhyV~s z!E*T2M;x5ExT^wnT9HOlc(p7|ax`ZVPgW*381s-%)tMLlsha%GOEe1XGJ*YVp0yGQ%$b)R)v&;%9%zUJu z331s{4^J3G3>tV5wF}Q{hjZ*47|sjp;VP~tG7motD<7zp!7eB~aG1|2!V4ZIrX^Kt z%r(2~Q(l8d#Gy`)TEm0%LhkPd(k|GSu3>wm{z2r^?L|o$s|#z^I6=luWVaN|IDxJj z`gt>GFGT+RWCGy7njd0FV>!WP!ShOV<6sLpQ!wTBH?5W%idLPS@l+HMPRZ<#DJV{_ zlVxQ@m3YW5j^arv{LMk;FN$3Dejy(^|F4tIPdU@X)J^>6Kh*=u*JlX^?71~_?O&6Hy~i} z`Eco==~WI>_Yp)caH=S@#fO;v`MM;C#2~6+Y2iML0D1feF<*X95|+~M^xObI|4kMHQ1lu{6CjpB-mFVKMYU+@P989kf=mK zW8s2e<^L_GAaKp{zls2nQ9z>*W>>@X-y)#Z1CamA|E&e|%l~ghcfe}z7Z>;Af>h&; zR_D7j|Ip8e7BEEBC%Nixx5ZaTaY257x?l2>Y z)v~se*5Y_Hdfv1}PmyUC;K{$q^ZKu^*7;PmGMqS+(fw(GRPyZBImhodAqj5hwp(pK?KeZ$n3or?!^ba;~A3a zKcaBhY?eu9TU~l7^g1UO_kU;du8)gy($A6jUln+kA~u`t^U5{q2Ju4oDz5vG_|r-Z zWw7?HMksRBRdlOB(Z(ro4DAZDv$MvBkAqo1s+j+YLqyT5DV`bkbwqG7$(zklCv<9q4TkK19a{;jmc7_&aNGY@mLC7 zfK8dcCGNqx<5Yu7@Ea@>hsUk?N{vyd*X@kBlB(*VGi`ZRB87ZP-4x%NjOXQA)0B*( zCmU>ajr9t1%fqJUL4q_r(~s+AL}el`+qQFdjZUu?H8$Gps*d|~Pr}N#njwNjX@(Bv z%9cYM_m8&+leg!)L%iztUa5#1-hbU+25Td}5VtZl@cX>FwOo(V9Dv?TN@*#zYfd7$ zEa)^yAC1npd##qU+Oho*+@Eo)tD3I7Tc2_-!1`%U63Jgc`tu*@beFHMq?A+wC|tem zwDbMh>Si;Y?;brh$M?O(g5Pdi!1cv$t9$D@!?rUXG@6Q#NCaoD-}>tin=46~n%^^uD)T(p=SI1gJ0DIZ4kM}k;jKXa?ez~w^V&RZ9i`&~E4TI<<8Yonn+v2X6l%FZaZI%+ylEza<30FY;n4VP)NnnZgT7g zu>m^`pou9k5q)=AnDG-e3gr*--uulI|H1E20_GP0f%1@C*!VysR)zq-wAeS9Y&c@+arOG(Mt8O{H8n~2BbHht+PVnwR?8~{fj_xkGf!*@YN4U{M#bYoF) zE0CI+I={VrJ*q}H6tR$tg=J2L!4vZKkpRmQcTeOWVqqrJM$~Mh&6+~!H$HQ}l7|MX zrSu_5iY((8|8EVj5TpT#L~f_td}R#((YgYZfXxp;sO1RPr}8MK00(WP98Trf(ppz1 z^-zZch{OHTL?ba_W_NQ1D4#GzjGJt?HeH)MJ@<#>#q{|ew*wuPbXp-pm9W2VCl5%i$x1^U^lP)*h)U6pdTcyW;gA+}mu4?b|$kz+-7^Ny2PL$`vwj15x zBJ`qBWOTmJ;tBMdc6D)Sv_<>*sn`YPKcyR=iW>-$ZnEhLt?!8;P<-CQTVa5!Aj2nW zA?;qkN~^Qg@l0N5N#yNu=gS4lj{}L*FI&3vE%`w)wIOD0 z7;2W(tQJUwJM4>Hs?SBxBl@qa{p0;5T7S^VsX8-B703xeS00%?P+RD6vFG{uPQuv0 z8DBsuh4IIj#8KdOteUR-05qA^YNORsr70{HpHDUFpDeTIY>9scnz(cG8X6kp zO73?j3x{@(5G2&Ns!}o#P==hKXoXSU)U-Cxrz!4Spc=g)M&JB)uYdd%=9v>D3Htk6P08tbl25xtZktim4(Z^@0h_8@4n= z=(|p9|2Rw>tjp#@IULYvcfn%ZYwdBmr0O_wY(7rmbzDo187 zF|rj8o{4unlX)zZ_~w@M*=Hl&g|eQr9_9U@OOew_nLg#f@F?skytU7E-E==(@ATG! zDrRJ{VG|fwJ@8qW=atjh87wIYlflgrayg-9lEZM3Lx5#|QLb)X+tXxbW*+xJu(Y?- zBrK9!;$En=T>Y!uP?w+IKfmWOPcc_Avv;xQ{3Kd8RXV54Qz-WXnbY|W|G~ak?L)HY zaGLe*MEc}xxhAiTurr(x@Y+P-bMaLil@~xao%}A`F9eXy1`DA1r*FXns4gV_P7KiS zf};&i>%5DuytlzJ$6XWyZM1IXoB4~P9rd~^PW$Et4BJ8E1xa}Zb~0jIwB`SCMx3&6 zRmY3JfSS9l{<)j3cL?)>hpbYlB=vm|p$f87@eY zDNC#K8*kB$1GHletiK%48Z_rftB_p$0l@(nVFC^0kmVufx9BmddHUKF9{-~;SYg~g zv|~-D&LaN<^+0G3bmdBZ?z1E`C1Z*H7pB#ag77VODAVHh$u z0RB%nzSccnD8#p5{Lt^g!k-HQ5SHNp$m}KBHAQ_P|Igo_$ijb+tefg=@L;O$zu-@x z7c>!MnzaVO|JS{}&kkw7^Kkzc{{itpjR&=v;4%L99xJ{72b2QpwCwAU1sxdZM^aQy Kq*6#f;Qs-o%MjrJ literal 0 HcmV?d00001 From e6a0ba2d13203587de026b912ce5cda7eb57f64d Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 17 Dec 2024 11:26:17 +0200 Subject: [PATCH 51/63] Delete docs/csi-images/k8s-multiple-clusters.png --- docs/csi-images/k8s-multiple-clusters.png | Bin 129623 -> 0 bytes 1 file changed, 0 insertions(+), 0 deletions(-) delete mode 100644 docs/csi-images/k8s-multiple-clusters.png diff --git a/docs/csi-images/k8s-multiple-clusters.png b/docs/csi-images/k8s-multiple-clusters.png deleted file mode 100644 index b1fdd1f5a40349d5b711ac71cb29b9013cec1628..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 129623 zcmbTe1yqz>+cpg2Af+^-G*Z&i-6Desh#=kF-3^i=EuAVN-Q6J4p)}Gh-Cf@veDC{t z{`YgOfBpYj7cvglTzl^`kMr33oRC+tlK0UF(GU<2?n}X*y+%NQdLbY{6jAPicl2M+ z+k;<-_OB(y5DNQ=*T8?C8LCJb$;cqkgV!hsh(V?ZQ1~t2hY3L zA0`+_MMINCtKG=bknmeue@F0Gt2or>$zbvmSnSOFG26}2b`R-_Y>o4Fs#AZWv+#gn z|7O_$a}(!g;z3%)SpTjm4h;@D;$N=;?9RifU>@?n{t>(>?$e4Xj6x*>`O7sY55e;i zFjK(@g~ELPay_}+W&i63MIfZqBJ&-e1DA{c`au|c&^vz_5j^exZP3yXa!-_e)w1Wi z9navCUK5#{dyDztk~IneHS*s}gbz1kH|F_h(C;#{5&E_1I%mSLBynm)9GD~|VIy*i z@$yx^T!$QU$4f{*r3m)4E0=Bre5x5W&?lE1@d-UW;)jVmwx4<=Tef4sQ+-ZQU*(@P zhVhEw*zh6JzWa^$J@qY4rjIlDFY~SNACIBDVrfAk|n9^rB{_q!}gU2LE__WHE z*_1r}uLb|Ras<@sAcO$2lks3ST4ajNKtd4aS#$(>Z)}pgO@yJvphr=^U1! z3YQQ%0Xh&%o0!gIrKR1h=Sj$P|I@hI*Pcx6yQhm0J=@cD3e)(N|H$KCO=F|JIt>X9 zq=k{YLbW`P-qh^16B+KzG+aM--ugw&J?l|6<#n-jT`%Z<+-X@gO%t!}Rg>a4s=A-2 zef6U8Y=!8?^(&dj(TK9$R>fHN`$z04Gb1z?C);&9-Of!HnyNK+hB1b!xAR_*nM-w^ ziCRr_XPz0!$`nFdqigAZ{%1{t!3Y8A9Bf=c>l%=uESVVo?doqkg0Gd8X_Yl>11>kT zZ=zdU#fJ6<2Ve7E?tWX&O16qdLVu7@?|pMI%VyAtrCOpFV2|992Ddp89MsIv$nc#Y zvYXQmDXQe^tS6bY;Y{W`Q+k&vKUQ}3e{p=dbkbwPsb z-Jeo~LXa5WcvT+eTtG^PgPYkvG`g~(w_~t;^ZXtx0FoH}SvS%9^h)HHu zb~z)mi&eVTa557^pzR^gWj(|A_U`>?FxbW57ij|bU-gff??W^7!+D?g^DN%GshPdG zKFQj29MfDKa9>F@Ht0{`-H-6T{I+!FAw+&5sz<9R>?h&AZ5bZe##8Oq3gD zGK*NaR}nvJMq3lUIU7J~TF#f`Bb8lneh_^G>-g4%P5B&Fq}2c=UAx)2xe`{bw)uFt zH900qsizDh_XLWR(w?+m!l2q+j@RyXZag4an{8^s#wsntyd+5FFpU2OGnTe_9JP2hCy?O?5=`PsyP*Qic8mJpV~+2;tMeRSdA z5`;aZBZ@#Qt*Fg-L4UGfDgsT1sI^IoAYwiLM*{cHFJ^D7^kgzDGgs5SXWI613Jc@> z{2+_5{^QSDP`Nd{FBi#{qotWyA3tcrN8yx^kgyw;mwY7udsN*zR+7}U?SpClw$41V z=jlQy%gYohjj={g_aW=VuA;j>jCY&sLL@+ZV(6 zWh*Tv9?J>r`Jd_fd->eK1*UI@ni&I3A9E^LcU$0~m;Js;o6qOSw5b7NbxK4Q+>FR= z!wox&G};Vqp_is&b3miV^ATOHP_Of$^mB*Oy&Uqzp1!^#&#R*`UH%-sK)TP5gIp~q zD+}b(+fRG6T$f{4&bzx`#3;+l&rddb*4=o_`M%@N>T}!}O|&?A$GY<~0$AJZ5|esm z?^2F)r0Y#LLs7!XI`&dtP7bT9Tbb_pV1v7}_M11cUHtR@xG!tanX8+F8Z*dXgu@d{ z8)3n6f}Xv5-wCug6?{9t%0+pcXLgR&*c;D|7O2adrSdzUzuFN+CRws(c|E=2=i_Zr zv*Wqro~8Y}$Zb7=tLf@kU4boWFWWf6dal{m=sjWQga)_yC}a9Ng)HWyK(klzXa?6> zzlWF=o?EwHx(dKB5LtSiwH}JwcoO4ilf$ZZA8mqS90cb;-j_}AP!xWE6Vle_5Le>&*0P_r&cFHgCM z>q=bMXdumU|LN?4XAlO7$9k8+dVhEKzV3Ae-RtS&dQXWOr>$R!$3Kw|39giUyB@IG zyKpQbDi*7xjZe9rv_U&*@ey-bToLt%v=S*I9zu2mhnbE%9C-5d+S=uOSn(38n zI_tCcSm)dpHpX<&$4zf%KFE=b>SHTfN8J(U_mvXN_dM4bN)K=q7bi>DI1)|S0SO>g zPB8p()iwiD(DPI#@C^H4gmX+o-;45Y|JNr$vrXq2BLqA&mv`HCbcYL)i%y5@h$ODS zGOr;Qm=?UflMe~beRm%8ZurtA?PUnG`!z0{aCr61g6J36kSZsCx5@D6;}^`P*(2RN zIkMby2k}QKdM_UPDh_D6EcAV#fxf=dmB#I5BFwtd`!0j%btyK78m}XcLgDJ_y3!%6 z1%i!t64}&~2o_$AqBIc-ZoZbIHM^$@543S$>s^aO)VeFkHEw4K0@L!nALJwO4@k8m zvuDw0X%ueGS}?tI_8oa+yIKjJSn)VWB{J!073{LR?i-Ls7KI&3B-+ z$Z~dZJs(7tByjmd_XYDmHd>%Ho0KZYitMTitKz0#*ZlpqI$%%i!}HercLEO22kzX2 zh56vFQqUgLadr1M{ObRTH%OPsf1^XL6() zY@pJ?#ltA-!TL-`{;0UUY=uqNM@2>`<9q0P#@B~mg%ec-$1#L#LQk7*b59?;DNtEA zo@Iq7zg>QLt~fay@=z3}Li3T7hs|yYcAzB~)f-Li*=;d1>0P{uZVHk)m-Mf4Q_2Fh ziv1=`c$~$2nJh`>S*|J+U~fK}&niLcGKa|i{5`I>oZ!)iu8vaHWWv13xE6-?_(WHo zq;I9%RGwniTAv?9ywk|CX!5%1&AUQ&M5ZxkDK7Qw*cYHWazkV6)(8283hUMU*rj$= z9r<1EoV2H(v>1)TUqy(>%i)}XeAA2b>ciG(L2?agkNgo`dG-&hZsf7ICr*hBerAs; zMhW%ubWzuba};FK1fAD&z9yX{Xh$g)6X3V@vFc^ztY&3nF`sjcFU^zTJ1)(*?{L}^ zp6lYCJN`2Lnz)~!+!0P+&;gf3?qph3(Oiz) zRA0i6*|L7Vo|IBY33k#p*th8N9j}u*y(aD-t4&v1)|HPA-jO&(79SFLcBH#qCDhm0 zuO=y9i$ka)1t7u5A+Gyj+%r#`b|C8Q^+zCkC67l3?|s%9T)APqCR;qg!qJ1wJLBq+ zFF2E~a9^(6lTBbRu^>GlSP{*P;9x|Ic8f@M3FT=Q_=E{1^5+wIFVU9$?4_jVuF-lk zj%Qo#z03O{3D1I81F6s4k2m)^dY(0`+cMMVCVTYetfQJW;=V%m8hU(9#ick=ZTmTK zaj%a5>59I-<7cmAr_FI)G5!p}LxQI1md^gKr!q6cE{b#9^ADRX_7=X=q(#5Gx!%E@ ze6TK-j$Mj4D}E~b?2`ID(ns`!!JuYe{!fRG*d<>;!l@BNky<|3-tl7*+8j5;^?JD2 z!L=|n7YJ=Rc$&D_!Bgoc>1X0kgmIJ~6(c7!0S&tT8R2D+XR?ci4Hd&_Y_l!9_20r^KfYQR^N4`6wPlX(4He} ze7Gg!M~C;-`_rR{Fh_rugZ60r*j;^^;vF8Ps>ycdWnN%pP%IcS1<5QvmKgaD%7jK4 zyg??^#%O@N-y#G!psnql5|@MzjKK-UfVa|M`v`rTiYEbSitFf__+&u0Nwd#ScT36*{!ExJlv5IoPvzMgq0v{Q~n| z8wFLDX$V-2n?sh9ECPFCYF|W4Et|H?=WyNB(~3Y15JDY^A;#ApJZ+EFcJ|A>=;+Ru z$Zg4%J7AqWSQ(Mb?FwCP4nvfJ7-aNHQ4XN?j1Et^A1yKj<#0)PPsH7C;Tz7PPUW&I z5?pgQDBZ`*G+u$Wy}vu$BC7*a;X@iA-_$@lkzq6}?J0lho8et-D1g&O!6@zL!VVz& z!J*37$E1^Sigud&A1t0>l_SS{2Xlk+ppa3mypvJ6`RFH&ML~GM)I7!8FZaj0HUf#P zu*%)P<13?R_|NB}j}6;wH~*|0QmHX%e`{!HgL)18LFT6T-gah;EZdBducQ8?6NNG0V z{h=eAweuS<)$nKY>^|NP@)Vt9coW*TKYY<%W(h!eCo_A#y(D$IMw3NR$(Q51wA2ZT zSGTJ9B8p{*pVPa|*)o>vqE|RnEqJY9a>w&K21czx@8(M%+X>d(1Oq>%N%Y4fmIISx zHp_?Yox`DC<9K~895jKb^kF{3r$aoC8sTtqI6$YLOE(C4b6o!-Tp7Q*cN?qno_36Q zGx|X)L3<>zIk(04yOb6D5A=*h`3D3qHp{Y#Q|+{RN;<9NKn%#4^XY7mFN}X(jU>`H*&{sKbu0donAx%Hx!q8r6 zEJWIVaoJ4;zum9(zvj*q1=|23voO)cb(;QWEf+R#Sk`M5czQq2FG_fTR7a~V+$*8% zG4*DB059S}v5+D=zm{$g^U{13lh(+^ls7LIwP;#4!<0rKx`oiW z(drWm6u(ScpWdl=PDIj`;qBdX8r60!2c{g0EmpCo7>|U#>b+wKHly>>&I1Ed<+j>c zP8)hYs6lel>WUqF>10qc&%eddB&c(|+!VmCUM?ztYODEjqjgG>IyL*j{1@l^S-35z ziR(RWZFnz89miRoB?qwxEg@|O8xBk;50gDnobae$2u0>rpT}93xbmgr!SrmE!E?ey z-xk+*L>_%qm_nkg!|OgZ?qcz1O2bq{=wg(m`i%XUY)%ql;iH^2jJ4b9u^Pad*?O)t zjGB_J>p90J@9&xslELl_og8OHVE@$lR zB~c=LST=tqb5xd*Hb~Q$IXyodu7KoJ_RV~51;2B$+%#swCR4v7oMQ5wK7p7fhLMwx z#ARC+&ic2zG`@S3wv+E%0w{%M`1gc!H$fgPdh^Mql_%wADh~ zy62PJx{O(S;56Qy3#>v6cg;ETYC9(lU;Tg0y8~#j~2P75|=c zVTmm#m`zjrWO>jEXUgxlxLEE_PB}zkm8`4tl+_ZG-~N?Yg3*GAJ=pb&nBi}B)P%ZYpUG zmhntyu8&n;`6U1*1I{Zx23!#ROU7H42#jVb1D|zr`deDxC9Lc>J86S2q8!!DmnsIj zmyae4=@C9!I-dPJ?7X;G`tS{HdAQ`v&gLsIU3X7pKBN7+n?KX?rvMMVhi7!laovMH z$?QOgi04ZK++s&^FbNgn2~M_Bi?Ma0oRVd36t^%-yfcB~3)6twt4#ur&Cc#TkNwMD zHdk}2L}KoIk*xQ0ku#d5nQ!FdmR=#0CY;{t8Rv1PccGXYe)B8XYR6mnO4P)B#N4E_ z_Xw+ixh!&pmNZe#K_G89g(fNnXc@Q^dnU^mmOfK2)1PK69&yvm2W4o9s;%JT2hXUh zFykVx_DBWc!fDP_8F%nccCzDnraD$HzgX$%EJGS=znrL;1 z8JSqTYmf8xHEuvS{JDUZ*zig0IcYRY$GyH-iUzx0S)Bl+M`BmBoVfm_fj6y@_4RV0g!DKExx(#+uJx>;gn^@|6EgBgA6M?)#Y zbqbZti`_93+RA2(8A(r=3$!6zo~AXu@`xrXMH=`%`-a(QB7%Gd=uq-)C>hf82NZ}n zHpF0%aCTIFV7GIK5WGP_oo5&nR>0TW?o%^7MzqFleh`15xT{)Lqx2v@H+oGv*I@5g z_Y(mpv6?xW)qF~{_x6rx9~z&fNJO$;|uu zCE^o29(y?JC*>nnOWD^d3j|x80G3NY6rm~i1Oy1w?>*g8%~#M}BsI0|nB|R;vejhz z#52RN_I>#l$veDN9P`~=5{WDOqZiuhuayJb9(jK3>3NWYz*+5HNX+^~E|4Ue@=o0< zOr9d%r^27E2&@k#0M-{`-1`8GJQxbh?y!_wa?%5+E@|MsawG_e<26OHGb1FGGuNM9 zHV#v(zF|cXdO)nV?@`y_KasLAlTK!$3L7lIPVeX>FCy4m1aYU*sM z(NXoL%2V=JVbLC1|NAXog2J4*`~1h9|F|7Wq7so`XU#5V-!=k3V@0 zfFt<>n4X4}pFjK!D9L5KnwSu^?S+n9j+_y5L2%vg&*$$Q%(aED98BY>UDR*~ntLaY z&zEAp$FhC0E?lb0+Qr>i^%;Y29LP4KtTBL)A{)&Kk2XFi0S;bhunbrD-a-U{bPQZJ z%38G2V{bYPdv}|8tMw}#_@7As!ZYq#nm@~$`HayQ&s4WzusWlrdHseVk9({$yy0j@ zgvomRD}VT#7pkr$u#LE}Rt9*sA=iSwk8Jc8bE|hLB?YTE1gKlk({doHDg{U=u52-u zYR(i=u^w2aFISMS%u1ut-Pa!pyxi}UukOVLl)0(}baH_ic%}{Fh*5%CVPjFiFGDU-3VO?~GBa zYbCy6*7j6q!t#8z@=5=l!9t|RqUqta-@D!V5u`O~%`B&>PLC#M`BOi*Ymoc4;Q*sm zY0OUrmf#7G)@17TnR{S^lD1Jml?c@(P{h?R)uV>fo)jBXLk6PwMjR`S~sR(_X z5z3O^;$FagGwOfbbS-dmJMAU7uMziK1OV)N0esMXww+j44~|yuDUZH@6w>%;RvyP* z7zEr^3;$4=ebS%2o>L|!k*eS@F*1K;KSD%1$#}9p#U;IO&z||I+qm9!Mqbn;!0mi< zh73JheB+8)-p~UT5 zd$6!$h9&lh5Xx69tL{8!ZfF@8a$pY|Bko$ZAP5fZ0P~ZAXJ@I5iF?4=)ZoH>V6;Mx zE8a^Ookthl%k~W%o18fe$@$%phz{}?K@Lf@E`B6y-DLI05Dhu{FZ#PHwSLTEDG=06@ zacQTwFC!5y%-cDD4ctuHP>xBEp?3Lzmb9v#cErOV9?&#c zZGJLT1J?XiOK6$U-gu&R*EjWT5L7a$gnn2j)RE_camc4TbWBmY=A9&#L*Q|D?5x(f zS|QIz*gJH#zSfdYA`xT_SvKBSzoT34)$IH0ogJMO^f?B&369!*7TWv~aE|#V%Jh9Z zZg;p@s1r$0`+fR??9g^sIu{d<+r45|+~BW~*B8=iJ*U2eFNHUJRAxRzhRU;X4+qk5R|GGfa3V!s4k$WBfjE zwwr{>AUDZ=JwXh&Y4rmu5?j7=p*MGN!?I(R&?YIDe7yP5h>9Rq$la6PC@qpQ8J)E( zH&v}ziahR-?A0h{{?HeUX1UMPXyL)k)mNROL4{gIKwcNYi>cx>DSEBHw3pjk17R`fL}x%({q`I+dw^tUfcsl1zz2a@_YOQi!y zlgS?o3Kk4AvQ+OK;!s|X+mEN3Z)~fTK|ki9@p6eC)@+0|?CXP_pG7Xn&bK{>Vu+D!ACgrIF zf|wrzT~`#J$R*`ZKIWj#8pdpbz2%%d#ThsA40W`h6+l-*HxoYg2YSr}$L z*ClJf;jTu4Gzj@7ki7?k^RZT|uiJe5CHb5p?!VlHvHbKPqQtSMb;|YJP4#RqBWY47 zkmM^wKZIfC(+-v#!6F>e&Zw~D;6;p7jAN8f52|9GOPNOlJ*RIWSJ-v#D3L%fGF(zT2(d-^%=a*QIhT>g2ea^k`VrgREZYQ%|jh-^sw%SVfGv z9NlR1XI?^oj&J#V-{Q?BmXL9qMX9&p050}c#;VtSqq`po3j0jxpJNTHQcx>|KT1+jB$ zW)sWjMgfOatG}&6`GUN@AfB>X>u;Bf@x`rIK7)}>F-Y2doMFE$)%{SZ#9&23YmZ3R zj%=T7AnOPYI&Z8{ZM|b(E=k5@W2Ls``awy;O0(4;=u5hmAXgxHKC_?oQ6<9R(yM*P zga!vjg*XGDzD-i`*x93RAkw3HIU)_pGMU?pJs6OCoXUgf{}eh`Q?esHn^M}N)$L$yrl4a+AlASCQB>f7~2Wd4Sa?@6scv78>beOkdGw6+#UCNVsJ;)QF`#^%=qn9 zzf2YI`+0ueLZ(e`KU1x(eD3Dh|8W=hUeFG(zl9fod(p5hWdmu80~|FH>=Q;H_R@gQ zAN{$K7-XCFRi0jV=}}a?YlU?x^&QR!n0`D(BbMXw-s()+d9U7DjzsWrXiFqAPJEr= za{e98zQdCJ^f6Yp$_^nT(pw#UT>rF&+CW0{k6X1yA0!@G{A|oF@7{dkhbNeILa^AY0%2Me*t;F0B9R7IrE2I|~%!-IYVLmHE3+Bw`mwu&}mxxPQ5 z?^NtjJ6dTeEgYpUZ(dyKtwb_n=tX^d;D}tXepkJmva~ESMU4TZ9MEXpkHg9ApsJrwu z6VWJ=`eyHUMWfkwqp`V6YpT&6C@FR&c-0u0K8VxqyU2Rs^xNs~@|&Y0ov(#44zz@A z$YQyJhN@Uma}{M8NMF~*5v4jDZ{{IeN-zxkyGvQA>j(VLKm?|eFd{-W{tZ=HM;;p z2CcSg;FvH25Yk88z7IdQiIVYNq;IG9C$(bTH}}4W^3*U@-_wKdW3g;%0c0+l<@CKD z4#F8ZW_auy3kR9rdK$SOV>j4SD+|7jG-4`ZdyLbT#Y;~pqpqRrbkcg(Qk#r z#U~IFc+?-o-a+sJS#u$PM@ZWw)r5sdm6e`nws9vzdXVP+0DDin1?eA%jSYvle)Jnu z0AfqRA@%4&L?MiMI$=GavrbDoDRfj;=)OU*=9Ak%ay}5 zo|bgFTs~CR)@(nz_OqL){_GVJ-xN)Q0g9+4zt5qDF6kOKughqd=S|^p!h{u(A=7zu z+$0LeU{|N*7up(D8^f^vAle$G!**$_E6aViS%7-E?gTj0TNg%>X6}7P^ZxYDPAL@E z1jwGtNN`X)`HfX8Rt9wC^+wcnfm;A&3#F$+lR(o6@BU-gOyN&W3fAtfMH5U9;0N4R zk?zR{SZq~l7i_Pn9R>-p)%q?Bg)s$}&(6Z=J8u1W18%UjENxreGxj7j8m zDx*)*=Mdq_p#ldp523z>74XO}2^{5DV#*y^EI2<0=`oXPE`X}#bo3!f5_Ds~-5=&( zX^siYYFGG-sW_9W%*@jJB<6_zy7|DkjiP2hhFvMg_j$(XzP((7;ehH~F^H-`kZ5PCx z<$XRWrYqR(Vpum*&k^f?w1|eJUVx0oY#1wq3#|>>Zhe!h-lUwT@}Yo~S7Lp6=u7I# znk$vSbW3!R8GbOJ)?<~08Q2R;Z6?En3_E|2*4UldO7NxKsSAc!*d)^CKHo zCAK06lykWau87AJ3zT3%$W(e+j{LBA=bXqHNr}VO%a@dyJ3r29K;c1kl(ad_CH;1L z41Fy@VLmM6ODW!9aw)<9VCHy2eDDXkx3i<-4@JqnjGrgxOS%!I-f>@lt?H7wx@JUq z+CT^pgL4EETXJMGrDyE+3-^U=$RmF82-3BmguctfqJS`_>}{5f^eICz$k`n%lC0GD zl*U%4O`uxwg?B+NRVVc*PSbH;v%xF4eXXQ~t~PJ(fbwW*qOnTJDdz-Jz_VD3P`iCg zy7cfA0XbMm1?PAv=!=o1!GRIh>0w@_|Gy}4q0nTTjGii zYk6A2Dn$W?T3ZgrOl?yw+uEn-vM${X0AIX23gN1>PcNEmZQ|ChinKN|Q_klPC3%xC zr_WK%VO(Q0sBa5`xeE>o-k@`X7HwXY|12k~M)L0a%t+Gkdk1hh5C-hpp^T@4$Qn{l z{q9e#|M-<6Ih(5U_^;YJ*|bD0`sLc5m*sTY(=48bL0%M3nM`9A`oye8MZ3v3ssW^J4QVddoOTy1rVW< zRz+HTU&9$*?MYT;4$t+CD+wm~R}6e}NE}=5tJv=?e_dv;Tp1W+JxeeBD_as{;auc2 zXD9;~%d7a%yv_}{9*EZp76@EBY9JqKnDaTMK%>PG>gXJHBB_mKo_yG%@9$O9nlSh_ z&5^LbrjP!zd1Xv!*0|mUYY49;Wq#ysQ#%giqgQFBn3s)N$je6xkK)fn~38b1mI_~KLbs^6L-zE_% zk3Yh~{=Lm8N@FtlZ0S<7Wd?jbLTPdLGyoB|tFH_Rq88KpuH=r!lE5-+IjZkY{ z)vk2zirXdOd7V3SN83mA#`p@_%MgETKku-IgO*4%_&P;XErI{K0Ml?NQvI+fbr*!W zu8dwTSo0ldaqP;&`*HP_&L0JiMRP1(7p1^VLz&UlD+|@QEb?M2YPSq!KJA?R+C=?sciIdoo6af-f*-x1n&W`4%n17!?hIidMb`Z^ z+q9>LA7`fatdxN;Q~t<(su2Dt%35zv;6N&8Gqm_S-?Mb&nHh$<9u6lt)5T9RRM6nF zgN65OqRGil&mJVAaReXc1mT-B?Pq5ChB&04rduQ)UMb!#cN5!W!KPj8)Z@Mf2d6^$Zy1+V6R7BrUd*I3a5ods`HZoEo=#= zg^3jGGgz_a8o61U7r#(N7D7u)pWP)(VKO!?UiBsPP^CJP&OdkTVr$9597(k*tq{H~ z=I6K|zGCMIjWu+eLjH#Wpv|BhAsNtn!C@ef(%xtJF&i-N9j_K~$VB+Hv}TXiawlK% zygQ8ZH6g_kqTnDCQzIYP`zE7Red|d9D3eaG^RRcvewkysvcW!iNtQZQ&A8{$;yZ)O z41um5)SKn)#~(K7LDVON*Q)L9t3Tk#9mvIP>Q(9E2prhuY_$>_Q^WH*s->y1-(*h8DDW@uvZ@iDKZM`QUA(^MiHfj2YUrlWZB zdY&@Ig~E_M;v(!pNd;I0t-`1TFnu+M5^T0MPsGVng+AFqRz~TQq+2PhEHw@bbfw^! z)x)U|IRq~u5;f!Q?=k4hiucRwtICzuTP@m_56*fyA7NL{n5}!n6^=10VWyAPHn^v` zT{VA+zhyA$0l2P>&+jS$29o&>#9YNF<2qRyKtFYj>dwNNsiEYpI{bYe_y&BrC?B$+ z1+;!vAF^pwS#H4xJV9sqD7*^|rKY8&wWCM_tSrEY|8x011cn)bNXl|_&$kU}arfS13~&^N92-jN zeJJnhygvL)v5yZJ09^3@bsdA|r*9DupwK~7i(lnZS{~P~u9qbpnU!3wlNL0d85WW7 z`=dqXx;n_>CC~|IK2metvLWz!&pijhcglqGI1#ELJNGk)ERGQ01DuDaCG$G{*dzJv zwjoNy40XzLOmjcDKkwEJL?9)A?jt1<*4oklA5SqSI(`ookkZ-uRk7c0UUb%R?9Y6b zo0oUcw0ev5B1I0NHZgvO6Zxu#=OLs-f1r#C5aTyJ-7I8Kbnf|J^FncKaD9WwJYKDP z2zkdV=c`bp_ou9R4}c?sx8y479L;wcw<{GKkJ~Mi72p#y9!B-8f*^WV12TXPwK}c& z1-|Qy=W1%Ctw65UADZ%M{a@KVlAiE&L9E<982<0PPNowdO) zY?i;ugRip2&yMw;{ z&!Fo_tHJHe-C_R&o!wcia(5(!xB)mLbnQV3>>FJEv{-92-{Z2zBB)!G;UY2N1TP^+OD(^MB%Cd5VaoX6nttOEh7x2Lk_b(m&qn>jIn(*ZNa_1n44^f^dRH zPc~JJ^<`uD`PP3O`u0UIH{$a*VYeWV3M;PJ@9f}9dHzfC!w+$B=RNr@otI2TYW?#0CS&Tg)5B?Dx1b8LFzV#I8kA)JbqkQ zvyxPN)(gsLxM9H%AOq9R(<4t6W+&=5tgA(zT>8)H-o3R#PzRCv`9C71Zhk0C%E=fc z0g&S`6wSsR6KnAE+hht9~ss$G;(o>ckXg@E)xA2 zz8!Vf=!>n8z%3sB2|xiU6J4A=T*OwDq!+RfW-6Oe-c^{ES7X!a;ql(*Kb0y+sK{;~ zT7zd&KtupMC^Q2h^ka(gfh-n-p|tW)s#z2YZ$y9}FkZuk2%W5t^oTa-E5rSxSrF=H zt>iabXG{em6g*YMfy^_!Z@dvg8#zDp;nZl{4;STSGFP92{z6-b)JA_D*qx8H=Sn_~ z8yHV0cbbSSLsgVYWbAf-jZttOzI36+TUWM8f|?mDGLvymvP&OdAtjGFo==3rIN&aR zY>*$b&8h!Ix(~+fkm%`v{pT!eOz6w*LM|~Kr)$CMGJX2O1G0l=erVPdPwTyvQ-?{piZEznHbrh1MA>r0H78dMa0j^rpnO0>>^!EPDAHJuwOBCyL0a$e zBrC%o4%(*=M>-gX>$lH0FWS`M$P<{%0+tF@HEiHMu!AEIfrtt z&9yVc^F?aFxLrLeqZ*GyAVyx3bBObFKFbl*;vo)^AM~Wa^SNWRL$%zO4!Lz<@3eK% zjNf-oYBsLz{mvpjVB91M7{V~X^ZzTN48BK@AhRYSmaen$Hq*b-DPJpn9ncz4B|Irb zqM4CLEZ{k4+Gp@uw2bxE>i#<*_&&gH_N3odwnVFssBqPC|FXNt8OmoM;Q8Fy4kkB# z|Nr^`A`Xv8b0DQ?_;kQ|v+53s{OMkri~`rEW<#yRW2wYP<9}-mJ_S(!ALIR#J^u5r z&loDSJ)@!}twF#DO<1dvxdR+R`R_pd=XK;L2%4D{XS^w*{00Nsf8QANYX;4^ zlJI6p&}0_>T191Cr*~ttAjW;CL7C5an^E|*1(Pu48xaZ~rtoF)dlG&nS#XNU{u*?@ zL`sA{2>2k;{`=?WWzgEpy$YI*g;blo8ZI}Dg=3sv2P<7koaULJ3)ZfewWD*X zD~6i=p!uLCLg*Ye10lOQ^x$SGC@)gBKuFa>cDaVqbwy`H%5iv(gp@2u+;DRU4kYyE>FRm%Y!fA zJoNqZE6@c&gc&<~xx(!=zq*oa9S84i7UjKIDeYlCKo_o>am%A~23-`V0qF(mRox-9 zX(mvL$-;&QMX|B5c57eaUznQa7#JERmVzdIOvb_Adnvs3OH=j(oO-f4qUDaK^Fcj9 zWL_q1MW8QGYrAGOt@*Ltn5J`A0D+dtGrAO?YNVZ%yrRZh`FZ5WLvr5dLw6k~xZ^eK zLa;~ukhtB2u32jx z7duU4gXzunprI@vC7sVPx2sG`z!xch6%&ecadOghBUlW3yO@+jNSWV^{u{J=#c5wI z5Zv!yyf0uweoj6zI@*0OAZ#7}`OFwJBiXfKOFsO$I;SN)vE;%axy0d|u_4W0aC;faIjK18sZE^fN^+PTgf_rVa zgAZd&+DD?m9-|KdtC3s7X`mWaDkh0AO?T^*Z!j=5lFdUSY{C1I2t50 z;hn|{t2xt&2KOp#>A3G@RQzld zwX{epQT9EBv^#l&O;p+|Z5P{%S21~)uzcsnK8hpXR1|Z!aU|PZ%`~`gss9hG1k2_C z9Z~5<&3f|xm@_!{CGtM0zFuH4w#;;h##`ThwV%`P8{O9wy?yd<=(~ID#{C>6zMxU0 zBRb7><MAFmsh@GFq<=#*>4vprr?_q^cwtHM@;ouTG;8Hie|t4 zeOI)HhB4snS4DaGsKfOU=~|~PvxNsO3aH+}6#o9>LcwniL0fjxiJ_rk;F$!0roqES zK8=X+=eyy*K=U(Qhxfl3=MyEsxqPyWprZbt*bIeWVOpfbH!o|Xd+djpk|2JV--F1b zNXJ@;2@q$tLx?6z!y5Y2g|(TRF73Md`Z!yk4WtQvdk_?lQU4l?76pQ#cZcE%XzRYZ z(9@xIVlkf;5G{Ci6+2lWg5nSTs)hi5(h)EgL;Fslf3VV*6-O%Q#(_dlqQMEVrkqfA zpJ}Wr>Xgj?1aCoyH)n!CajhTMOF;%11s$}syC!0#W8=ywZajg-frd_4;d6UX3Jk~) zxXa$2!c8(i$slPgLV9}oms3QW7!T+s43$v&-#dUPny9=#}y7HnLzF ztZs5*igs)qJ#5bJ<9JKL|K_`{i_^eiMet82+pe(HU<}Ok>D1Yn;##=`((A0 zrbI;ys89${T;4wv+Eqb~FV;Yr;XlSyZw-=Gk@YtS$g(k1+K5~KEq8N$WeAG4ER@PX z$$Y{?>K_VpQ%6tU8cd=o(>%pg9~($u6>mn;L#Zq$lKx z*q6lFV=-~m$C=$3Fwx%8H58Bc&>fPtJzq&I2->8f zj+11ujkr(My-Kz!?*X9;i)uZZA9i_41-;QsD2(%i_5*^(r4%9snsuX>AP>mO^2|eH zZa_#3sOwEP{!X{~@PVbDj^EznxSzT~Bt~sd+nP;tRtG?%`VufhtV5z1xnR?Bofb%$ zyGpsIS-ysmQPw>&p{Y%`yL)%_?*A&aAYb5!#X6zoxsJl$e2kP}l`DID0t+AvUk7ji ziI$|GpB4U9F5vR{hN@F%OXV`Ef=LJ!crHdv?$Si=vimjN%M5yNNqruvgGmO9#kX#n?x_FBZr%=*o0fw3;3LAeR_*BF(bKm!Du_J<8 zdg}aeO}~u{MU_b^SjNBLH@C$&IS8t;AdybkgjE)roO^<#mb?xcpWQ%$3CkET!L*#O zrlzB${7fCc2R4RpQ4!1>GGQv{hVhS9V9im`x#qc}UMmt#_bUjuT4bQaa$#nZ26wk6f zZ@(TL*M|@>N~b=MS@bLIFqwzO-8b0+Rd^Yc3pp0#^bHq1F;b#HqwUX(bsbD%7rYjI zv;CzmqtJ81p18!+fjMf&%e@Zn>Nx9vEgwf3uw{B@rB43_;RjeESjLR2VvK~){qOr( z%?UhMc#&2$%MZ%l|K^`P3!ezdLy`$-fbzd?nMBdz1+lk4^&H6>x6XVF-n(CEi`n>4 zI;A*(*H2gy$E*1L{jqQQC@rBS;wl*?NVcf_$`l!_ahbaLW+vp1s#zPs}-= zxwe+*Jx9d%B_$0C&FOm;B_;3N8My3BuqtyqLoB?iNK$Jth}gyHRWi+c1@?!3{AW~# zHXa67B@ShMgK;GPd`U|@$)!6+uZHgj#md|Y(?0S?&zHRF0EE#b&c^Z!KIp+|VPKcA z>#8Yq0!)T9d2eapb&!SS^4-!^FWXu7q46qiFFCRpvTzLRq>$S#entBIp+^VTNho$Q z@sbb`7Cf&%u&@bY-Ath57P;9-It3$&MpZ3@!nxRsH_*>{yh?-EzpNG;olW-CwCLRp zTA(Fa8^EK2yDNVc<>R$NSBo9hF^^rSh55T|XW8JxPW@dlSepDxO{`5qbopO50e+?p zePVV`8_H}8!^Zyk3QrLK)QHM|A#Il>~G_uy9blSQJuDk z@OUAV$n?mq=xWa)vZ7n*X3CSNiwJ?_CGF{rf|dbZB`6z(WLjGS|J(f{uQtXL#|`RQy_ zXzb;}{Otj=9op7vpXr_bP^Rn+)_>DQA%v5gKd*8ER~Y&no|m8A{YYNA*?Ob!(Z(^y zBjeu?Q@kB~MD9@{2l>lrD)MY>+UIMsetv#)yV#$IOvU*VDEFV@a8gZyAIR>BsH$_S z9--F$O`-7L=(<;12yK<_mvDw~#&nMD_iozCCo;%QdsiVZ}a8099+CNiA?7#OO zg~II?jO9#6j?(>#_JmPAJfcJd`5AKOVs;3fCU1aiJ7Dl9@x&lrX!PWK`&Sq7-`)1FZ;Aps0akO|Ah_9w^JrE{4tnk~ z3r+S4(L$jcec$cJkB?^m#%}+ge;A;NT%KJ!|H4o~Q49=xJazHnet%EU^MGI|YE}p- z`|^nQfAB`w&Eo&Rz`z{yoH&B%$`5C7-( z1KA;V=z8VKDEPjUCK-fI=GWXGSG!rTaMOA1GoMfQM&RKI3Nn7d_Wk#$p`I$G<2aj( z^JWb%Yh{Qw>>-Gw|J&z+6=1YEn8X6`^uM4Ar5?Oa>HC4>(TQgsz5;#M z&TS|;0#Cxl8b(``KNU0&`c|mgSbP}$s=>NB3dt%kVjc3PlVPo$_r&>xu`ZK%!5#Jl zB3BX$87QK{;%hI&`122?0Rx55)5m3w!@M;YKbIu!ApHKd&hY0i60PU`%w2ywePdJl zSO4{kS&PxUEBU`e%$t1_hJ-G@MqmCROXfWy%*nZoAKmu884+nL#88phr`vcec=`;q zvWL?2$E88@{D`qgb4!Dj7af1P*5v=oAmw@9E}&U{j+^u(P9)ndP~y#|GnvX+_k>%m z`2~@SIm`V-{iFD)qCz#->r~;_17V)GYP(^_(l@CH+m54lrPmZHc_W#0>Dd{Jasj-q zc_Xc0>u7Py-a=LQKA7-3KSz+(q2-J~8%@@dBq@Oik-UbVHTGr|fZ$LjQBtz`D3Q>Q zS%EaypUEna-O1w1)Mj~M^J^$`L9gj=`yJ`hdauXWW9N5Pk<;Uz%lJw*DshtLUUl;Q zEfM?}sd7aeUP#0qr3>|N6jX;l1S-*|2HY80OI^(mGmF5k zs1R9|ue_KlMM6Jo`mcN}kldO0Bg*3Oew=mZfbg4COU}5%DpEyGJOarYh5;qUJBnYS zqxEWn7qLNRU%n60CP(~!Zza{BJDl@S3@*s`-wQ6oE;yFWDj47CpXVoNSGnbL^3g}o z#d6LCnmI_(eApli`+R~QAdLzr44I#6t(0+Q2J_~2Ze>Yi`y+~R)dH4R^P~U$KlJqK zM}y(?=e1A6@N_yHa(u44kZ`;|%;tC~e(SqeXuu!+-Onk%O~OCaiBVaXPg0&N>bnuw ztgfG=z=+qdIUedzo8EG(L?tq1gl{61(a0Lcs~q#AF~{4cvGz3*j?QFGi?d_(*mPxehn-(xs1dbd2+cg@;~RX zNrpk~)nsoEIPgAUn8^;H>d8}PH^hBIEja0LXq#?V$(k*Zo^v%{<6Zv+`zQ@}wom08 zj{G`D&EE%n)Q_|3>D7ztoud6Gy$eR>1J6-&Kb{zO62;shK1%xnLId`P50nYET8>do(eOx_q>l ztw}Z{)L3jkJH>Ys{P8FsUGE~CW|{4G*t|a!H{ef7u`1y3{kYLP# zcwv*CoJf&ZOo;Q9e;;eZ$7O3%T;z>4Hq#MKlBAnGhD zDJ5#>N`N!Mye_Yh&UgbGWDomDYey-YX&HnI! z!8ZW7B?9+w{{9UgaP2eujql_dPUznmGeZ7(Q+9ZxJ`{E&K;%%N`IlgK|LiRlND!T^ zGg)JmU1d0lo)1Dp&h~h`Ih{Nk8=A5IE$QXm^^q`iqgbl%N174wtLrY#m-O3UN8~ut zyu3UXBnUlrFUR}C|h;YrWQM@V|n za*qD|jFDpz=L%IZGyPz;-8ziaAw^T%H!9N{dNar{o}NQ2ly;x%^;PCyd?+45V3Mk+ zF0gI*^C=YVW%HM=J6CUnz<2wN&QM-EwU{*C^JD=-u5_m$8V8L@U2e>Nh?vu_j0juN z@jD?!lI9W9!=slU&(%pZLNF}W>PZ*ad7c#>ClMdoO$P!&OU=eD#eL^;?PGJ)>`o8n zS%=ze@K9xALDx7*Ryhg&21!5mCk!&P$T}$U(|&c${}r?NZb?*~isDt{TpRqGdweTy z*lDZZ6dxyn!OA}tkXZgTF_DnMW%KHYN;} z7n6Qrznx#n6QWplFMqlGwVJEFz}{3}aGYeYWH<5@0w8i0{|5k}Ds`mqqO61+l6fpC zkh0N(+&AaRcG&#zsy{0kLAFlWGwFRm#P8UDlFP#b#y=6`Hy11pdHD5N_iQZ0bgRAp zP|K5sy))a>JUrH!}KAhx)=;hW8ej)r0_}x1er0Ca-#gRCgb+c&Sd?+t;kb7 z1cvDr*-qg%Y=BTBm zr6Rx&>ujbKVWloW&C{eX1$s$^9J#Bnkk^es0)g4%@&eT1cY|XZXiF4jWIh7#kMObW zq{T&p7i?^)U^6Nb8sg3t%3(pj>Mw0?Z}%_3%>Z6`f!#8s97c}whr-h(sna_QkU8^Uh=^c zLGr%a&JvSj`%#7j>RMP7i$kP7Ad6vtV7Cl6dHWu~F+PHa-Poa!O)JW72vyil28b14t^GPZ^LF0<#r{ zLNGrbQs46lPOo#T^$U2c^z3X>m!-kKK-BXK*(i$eWvXti<#T#4{LqJJ@)nN7u=FKdDzY;)X|wR1>%w?dsK5eFP)|%2hhef zzxSQEyPJueB2eG5$&7{pv@;pC|nkj;Z|;Izyvd$#_HWf_S4pl2^tc!TBJr zzbNXsTJkQ@hnWucub<6N3IaV=GHGQL65R0D<3`MF-xzj?=W)8j(rgSzzMPk^s9Qv3 zFt4)k`c{2>K3_xomQnBNAuYT80{5>IKyWp?Jb86VjEB*xas2dlm}@Lu%qL%RIFJ${ zE?HAmK&BJU6sb3Qi{1yv{}%fB6x=Au$vaTx_Mw#kaF5gCCw|lY=}^okNWzQhmS9~t zH0S6N)f^@)k@I*KgT`@W{bTo_0hewRhV+hnsW4)!FI%Totzx%3G`|obbSzm?qOAdx zPjY-O=eHt6J$2&Bw(65AHm!TM^p}8@R#G1}W0BcX&muAS#R2#V>MKhMIyg|W&^V<3 z2E%!})u_;wKqRd6moJL={4uR|QSaYa?VBLm>!^(@oW*}H#k(`Vo5`NFdMYRE(}R2G zv^0wy!mhS5hPE_&@)jP9ej#3&-oZRA5!LVGgSQ8n zD_c#4)wV`+Y$2H8Sd9st#(?4}uBsaM%&XH1=!|JJJPl#MI%f0&eyTBi*apuhmH>xA zyL>b15v~1-NyPAY6G>tVU~2I&&(=j9Dx(Pnh8*+W^jFRLgboYG!PL(ZP}ln?g!7%G zu6Msy5(`mUV(*f1SwoG578KCcidhAK<`Q+7v>ngV+$ z#(U{^3~I@W7h$Xu*i?dV=W&GfC zRd7EE$Jjp4hoTPKu8bsxky!}SfjjYumBg_HGUlMXr$!9jTNqcXix}!h>NfT2J-{S~ z0ROD=1ZsYc&^-jaw_m_Wf|KU15t3Bb9G6i6O9jGI3|b{uiE(Y=rcgP2cw4g%^UnQb z3^3?3noykyQf)p*Im2t!Gl%SD(yp{g)Qtj7m!rBAKUYYJ_uB*#HW;{{D$;w2V*NOc zZ;~}OY^^;WI?^D|w4E>C=4P5leKEboN5>yaDlkc5#%b7EnPn;&=XwWqK4i9^6aHP~ zb@=nvSY>37Q>i88iQh4$2_eBtx^U*X;yu92^HL+tNUjea!;s@tE|VO;8r+3Y2DEyf zuuixMgsx9~_6z1~BAo~?CM5Ez`$#x^D1%^(7Y{WNJd3gS!FSo~z=x!!;WFSrOfUMh zFV-E$j->0;D&0rJsl^&Ry&6#|t1#Z^oO;5o7OfaK$=i2%zVr>tek~cACq0%D(mS@!>9u^6Xeq`t1V@QBzYTQDdBNDLwc~&~@0n$Myl( ze=1W{*;4iH4Y9Qh?;nOAW#~A}*y*ntaX3CBB+N>8MLw266!mxRQ-$fb%ZL%Lu+)@PyW z#$EAZQD*h?4X?`qLFr=^9XzRny5(rLwKOKnQ8$|wjA%FTf4HC@uqyBi=i_;H|3nOC zLYyWP#6&ZL-Alppw_Ec}nx#@Q58DH|04udc1dzccWWqT}Sm9#Wg&GORW{A}(D|7)N ze>%5@Gt7dH+yLWnf4zdC)MjDTb+((M*^yhqB1*5d1FaDH>zZ z*M9ns=R5C^QK1vHsM?$aXX=f9kS$<39QaV%uS!UI(t_X7mH2{KCm$Xu@=d^0rDKTq-5)FTL<4plb}7e+rYD`@!5W>Z^^;=M0xn@uS^1u-)M1aXj#E4%-v*0vEy=S-N z_^ZapW%u9q^iJ#!=#;nj*ZpF=LRtb68=an1hm`f0?!)l@p6lWeNh9F(yyivo@fPRT zHgIC(QtMw8y$8nhtv~c<`hOV(x~&e1^iueIDA)V0cnqN!YG0vB`Lgmm@IdG$oi{qq z4LI@9xuD0OK(Wg-bHF&79_Z^ClR8OJp@H0be%Zqx7#EBL!5a92cq?D{nEs!L`{!Q~ zx7R^xb}D`sOTSfI;=C*NRk+F7q|(a_w;}frgfmP+GUwInAFqQAtye~Z3@fnH^6ToR zI!c6QzE58}qpfa$njnoK&qo8eOb?Ih!VV4a7YI0r!ZR|VDCd#8$7ErK!|Rm{YUl#u z1qh#KHK%hof7UOgg(`u%0%q8|q-*9>8;|)?abI1YDo4`mcsSs%m=6)Ia`DYk5)T&7 z=Xa|6Ne5z2<&@SsnKMY=uFlXbu#2WD!S(@zsJp8SE7%7=&~ST$JeGZDA%mdG&YN#S zTM|Y7vOfjMM;M}y$JWA9s=?N(1iBmgC&nxf6+n3uC-yjpY*NKxdP7-)C5_L3#)$j| zl^(lnSr>B-u04^ztv86AeMFSEZ~40K4qL|dTf_c(V^3DMqLF*55>8T) zYRZ3(C+80au8KuCcg~z!`CFHh5xzBM;>(Qudc+r%=9BSZB+C<_C)Ijo+ia*}C)I__ zHVPmgkjGb%!d06*-p+RXTm#S=&=y)o%r-i&uf6h>-0M{322$mOgWnA#`3P!dz!H#5 z(~e}Z&ICHg+OSAnYdONH^o24=;@-Jt$4p}Vg@}8ucz^^;@bA_SwWNO6tMqf9NNyeb zafX=fiO|{xW?>1Sj|l$bIp{!|_2k3e(Fr4(Dd3x!WO$ z)LTLVP!g1rc6VkxuOfWWy|7_DW6PdKB1n{~Dvx6eBXP-OR@N3ndm-WAX z@b*M3&@q$yVwNN5XVLUwNHg1=#S&p$Ps;cy;nwT=0blve$GaoG3!uj;wj8?DarD!h zOiMLFK-57*qCXCmjDNS-DZ!`|CQU-$_Y-VPToJ@d6lkGrOaUmYbFie=gp29D06OWB zGsl1$o1aSi?_9fX3(K_`CuEqmG=aT1RnCl6DgtX;q#ldTed|a{p^J%>>Rm!m;G)mF zBsM1Yw-r<{gq9?iTd{D$z}uY}CNqnOa{=D`gJA#JroQ8DsL)CclXnA(E8>@QEL;C@90T>g2Rg^G!2hQXekOe&#axbqHA{%cBL_k6fn!}nr7^yZm zAK_cZ-@l!ngv2qh&^!VIY{)Y6=j`{9%DKV<6%yC_3k_D4!Gus4I}BDP6?`}Ym?Ej` zvKN|Y)#F-SSKAkH^xl)r%mssGvmfzUdKP=0pna1a|NC?)j=w!o&TtIw`<2lx%6)?fyjle^;oi&r+Hm)K{~8zMDRBD zrJhgqXgWua-PuyF1=Z(jjNASB+7V;mX+08$-h1I}7L+yyqbFPQQrQfdfJ#R>DvMxY zJSOjreviM@CY&J5v@l$#>h ze;KYLH}?Zg{|5!=?zT{p^ix}(#t|sB0fzu1gSiZFoP$x4fXfzy@NCh0Vcdn@Z6u%- z6z3k|s8G|?mRIuIJ=n9#vTR3;(ym^{eB9I-+#9QX9sm&jHshN2;+}gXoDRq;su@>A zqbyz>I|zV|Y(%3p*>!|L!|)A5%gpRRA01DPwe`btAKi3~@9P+?{R-O}eQaBH#NMmG zPdpxn26zUQgJ@TTPvSrW{uAOV%aRT2%9=fn$PYH1UvB@RN;@h`v0n~Q_?|adQal~1 z>6RgBOD!=jbhYRbLr4fOLW77~?|Eeds23Yuk7%^BQLt)zgp;d*;dFHlN-$tm7Pbi_ z#R!HK@Zr1;Llgf86R6&~-D@}gFcA|~EG+v(3Abt(ZDJFo6`OjdFi+eU)6>^QJ`HL^ zQ5$LI^6o~mMFmthn=QLV@AK47BRPvc*?-~H)80<9XF6v2P^dgJTAEn?@HfhahgPK} zcb@b38XoHH>Q`uQI>P5rSA|KM%Nnl6;kYCW+HD_s|85IPexg(<38Lx??)slT zP%W9G7i3o;ehV|M`o=VxT<2P;o(d-QU<#GbD`)nMp;%Z;G3Zb|`huYY|B`YJILOLD z@WD@zi(V$tt8l87lGv8mrK!E~F{lWV$#Esgq(P#{WyqM1`Kw-k;mcLn9Zr;kwD~jK zB}%Ka`rWRvZ##PF+X?#Sup6lZB^#g%30w+n@S(I$;4Dy8O_;iN>&m%UTPD^-&|z6 zcW?|%-(sr-x)eH1C8}7RiCG>bSBVy`0U2ulTApGGoyr$zr0^%N{GAw!upG6n*L&in zN7Gi$bQq`{uAsB5YBtDyVZR7Yf>S2oiV7Xyco|pdyx@T zc(hB@;GYPZf5p`z5MP!#fmbx&~aCNY_F=tJ#b14uaGW}uZ(ZR z>#uJz4#t4fz4aOy&jo&i#@*RL5L3qAZqXMuc^3SnoT43r3{Wc!wY7JmRsEjm65|5< z-PBP2Px;qLIax2rZa3v;O`87Zwe3AgD)`y#5lS^0?=mXEiHxh&+lV*}_Y?;oXJZ!h zrn7(C+>%-<_L?U`;1RXh->QCLq>nZqe6FBKWI4e8uzY5@r0k~F57qkPd*~zb=k-O| zZrfRz@vM;BQB#e}1I~QDk(i9)-%rBFa~)shV@b!0v3s#b!_bYb2$8G7@g#3w>k;3v zv$pWi5nDuTIYpd5C>B*lb0x%9sryTNk%ylzDHicDkpw>k+C{jUZ`2&nB&bsVS^gg6 z2Ffht=M`~~KveI;L*`4_xXP;wlZ$pXzs@xIqdinJ$+&ZQwzkGp3yMC1r6O|SXlo~p zz5XOTI04t4_|DDarALpUgufifHQI?~LbD zT_N0%I8wKL$YZLR$4W3lrWQeuVdpjlXU@=0`g$cvH)B!KMfnh|Q4m(dpa+_NIJ|sy zv`5c&(XRT8{#-t8e*xo7rY{kC&eW3Z8pHRymozpVK*^WHk?-X;JqjJC`f}&~g7PP4 zfDatB%6kvz#{JevN|@B&kkxvQiot45I~A8Yg-!{RVtf#^OURNaapmQLlaIZer%2nS zzl7y(4H6m1-7an{_44iXzDV{uIY*2ye79x5AmL3W6LKda3k3)o-44#13WFEN&m<6E zuE05O$6Fq&Yba7=n&E!Gw)b5u+B%s^ykyWqE4xAHE=jbxG$+HI|9(?7?AzRlEf`!; z@d86A1%s-S*hnMveA4$>d-=wgYz*AjC-jv5;}x)~^?}BmRf)ljqD0fNOt!yh1w*sMt_liSYBNWchxbRjDHF$N+Bo1fxei+5{tVyzzuZ>i z;_=-g)XWi>jB|d{?S2*G$Q)Rt`bxysIvQ^)v)8cciUqm7)8uCSywpVpMzz(_SP1MZ z^oTD%KG^boGj|PGd8%2YCx&!sGmwU=l!c<4PVn>tOcXxf?Dlo=m>}{x5N!*Hi(=kk zOD=bFIbLqcqueAFe|>co`&ldPrwQ^~ge1egWO?uQaVwG>{`UG%&y*Lu+h6e1T?kx8 zi8J1n@%(*CK&Y|xMgAg=x|+?fnW!=^&+m5dZK6Xj)*XA|*FX!i2=R~Mt`AGzI8d%+ z`Pmc4DqLucBo0(@F&P({$DHsOH!gkKpjhNc3pTUJFj}6pSGst$jxvsX-S*)`@ZnXv zDmT5H#*?IUBUcoDqC0jtN`@1BTE9eOQ8hAhcuHTt`x7~dndhGUA!f%K9KEV246lle z1U`z9r#R*=GtZ~gZZ^L9;3pI5yibaO#$3oLjcF4;r8kXs+j#0g=Vqg@t(ijmV&Xn9 zO{pzaVDhZn0B`NP%ZQ2fB!^t>M2P0l8mH&(Qjr24o>$;_iF!TIkImQHXKie5K99>& z->fDJ!C-ghMK78GPK9)Wfl?8pOa(Sv$tE#8`(Z3&#JVNLkz}6k4#F&G?+#xF4bdL%7Lt>Py1OIVw`pxSXpt%4L4b zElrZmI_+cv4m)+vlTTZ;lSt9uUc?A7&D-`RtQ{Erb&Gy-5XCW|P(=75VTpq>0W%IA zDdEtqa|Nvw{8_v_*3vhLhD3QRR4l$el)x{@a%3-~+A3FHV;=1-Sg-n$5zyb>ff&he zSdK%Q>PrNt^Fk-NR}Ix&ujKXfRnZpr15P6jO8M?;;>^&tlE|PpuW$=IC-cS16(9E} z#|s^&&XAIl9~G6aht#Lb{9jx1x764fdg!dFw$ z|1q<|S3uZ*YGwYHDv$qrQWN8WGMD>Cy&A7Wi5KHj`>FE5PF&nRTWw#cTooTlg@n~I zU0KocrFPOapDbik4*MS;2FYnQrt@Q=VdYO0$_>FFP0IK2GeiZIW5Q?AfCKB(tvf&K z3P!R3f>chR`*cyY6Q2jvy5@Jt+rM+~=66Ig^bo>464Wp_* z@QK5Ke}xm(?fja>v9c?$eRA-N(H>aiWx;)zfRO-WhjF0&$ z$LxUw&z^+}~D{8lekh>+r@>P#Cn;rsG^P3)zOS%)gbM6s1 z@F@lKmg%;Ld(H;|kY+Hjll`Mr6sG#m^}B^?Od^p;P^x6}PkhaGfh*ne2V*s9iK27$ z9!Ey76E#&Bb8E|w-d*Ouq&85+hfkG9ayG!B7Ln^m!-lf^O#4rr;4S}k%wtVH$b1-^ z6)&O@ezqR{2g~e5E2DO+zj(V>iF&I4j>r~e$TMldR>Zxpd={~hLt(a*J+{+j1iaRy ztSI{51zQ=TMihX5|8s2ZJx7S7VUA_Qc`N;rS!t3yQm%gLj*bo7F9aRxwhU7ZrK^!Q zfd@{kdemeae13(*d=7Sg!3i(W*Ucyq68vCfN)2TWdv1@^1>g=b>!NhAsL494zf^uZ z1E(SqyHePhQ-p?uKV1t5xLEvgVd#9cm*}mu?&~Wq>QBAwX+kqKJzIXoQ~%bg6M5yl z{qg-z@}$9fSMkY%nLDol`gJ1ql9CCGsLxk!`yBI?>HDSZ^e%=05$;j~!QkY_?iC|Z zgPt~))(7Xj=Mh~rf4qvrYANp6Ns~1i&?EAu4qBp11rX(l!ZDQ)Lw;R1e`8X(GMO$; z+dZ0c)SVB(d@FXZvzF?ewR_^jQLMhD$`&tjZ0>wNS})X|iQd$n$}Ln|hY1-3% z$6ed~6YDC2qVRhj1&fE7<51`wW*mOj>;8J4x%PVW%Lqu^F7e~cYLU(45o((Pv}{8y zW{sUc8x5gLf}q6c_*V30$JpDvt;9#n>kB$Iwl%}wR$z>-IY@Ewedb7!t@wF*p_GR>G6y)gHpAy1di%nIpx0kmcz7 z={G;KSd&sHC*M=SN_;vjDJDUqMhh`qF$XBh3=Io}lAg5U^&~@qr|IHVqyf|=LsZ7@ zjY3b|&&wG)yt4E8BKVB6_)xV2EyTj!Q!T8|4K|nAu2S}R+WbqRn8?@=&xTsUdNu9`v;^r+(xJFZYp#Z^7N{e2=_Lxi{bXwdxSvEmW)I(x`W%> z4EXuRl~1H^Vm~)d|6uD?T3Yzr{gr&ATvNZmuKkcYb)39n^03)6j0bLa;k#$p|@Zv_~B)u5xx5gdDr-g2zBC5Ivvj5q*|K68%B9 zYH$1o;lR=OGG9!qk!=E5T2c^12Q%bF`VQX;ad-PSYJ<4#i~kg!vGAW4wUlh8UOqnR zQ5pP%f99J|5*L1N=@cvgJ%4Dk0(_y!d1AO=##W>aQ$O{zPNqd^sOg0 z^s#Ts91jXz46AN_=1J-ZDWHqN+Mt+ru2SdS^9;9pL&U}2s&{0&Sc};vptOLgJ|CFq zqzxjHnLXaSyN8y$BJtX3y`IKuDT>anJ7SZ9c%tDI#1SRASdm!m+Xqq7mQ|;&)V!_Etg) zMFY5soO6+^3%hF&tz}C67C4y|Lv>Q z{-M4zd^?b(+Z9pG)x%ztT4_n+Wm+N z^3c}677Yku&1a)MQo8TrkBl9Kl^182nU^c_*rp;?YCp8!**@dC$Sh0zs+NQJhKm-5 z-rtkj|Jm*`NyXX7wZcU-SZFRH4-;XNtO+58-$hxe8-2?C8poEz8 zTN`wL9XcM|VUy`yeHC(-1>iimA8e`K9j8B;EhdW;YOE#-ChZ%y4mTRJK4DN z4QYa+TOGnKEtcu5pSPcx;M1>XD~*@U5044E@f=!KZhqCM5j^0qUcS*iN2F)5fDTHy z+i9nbt5Gb`4D3&DCoWD(&04=2^hBq+w_b{F%WT_KpO;2D{JzK2s{oG3m>S?!tEW*g z!?f_PI-_)v#6kR`4!9n4@~2OUOTIgsS(7oJ<_B61L!BL*g`$!l=D9mqvN7^W?o#e` zFPB86%)jsIzkbi%Lx`?Jt>Q83C~^1c*ZDPAm#pzuiR=(FB8yHX>4vq=&H zJnPjd7ocqmZIlR2+ZxFVt5vejfE}dlBf1m%A1?r2`vqFS#`9#LI~~03HgS|!L=zOH z3?2ruv|-U5tn;UrDERQ9hB&f8c5inO4APF#CI9C8OFqA2$Cq3re+kK!z6FXjCRbvH zgjf#eRa>}l*J*JCYf_GcNBRg?SM&&1T<9el@kkH0H+p;jvq0sO#UE1IL?U2WD7=aY z*Rgl}o8<@~HXdc=3@1rUA}L)LcGG1k+}4xQz+Zs|OmIe`qU>nZiB{-v4HQAaG-S-*K zefe+-B~r?b0?;mAy233>umzyQy{ZO0Qov^Sp8)mpT*3{TuUd{f;(>OWj$}oYeVhXn zo{!>Z;N%n%k2ekUcIr}!ezUh66&_j5JG7qL#_jz$Ob4D ztwMq$O5@il90tI2^{x)yElsPNpzF?CqkN^b6s!4~;uV63YAhOwC;)hX?&L2JOcWV+ z_z?)UCdv0-gSOm3I20ZSx*MZFog*z6ab8nt$&DrT6KLYAr72HxTfCN2AV;>s=IFC` zf+y+YG=G+PRN`Fyza)PfGN;bzRhxI~RAZBQl5a>U2-8HO(CR!>m}V}$R3^E2^C}Dj z!}%xYi-D`O5T;dr_@Lkibe9;}8jJC`jd+*;@O}xYq+@q!zu-j{S62iUPD)Hg~p7vna zb1r`sra0fMOh2h`pKOS9zo7vE@=!-%CTzKwtUM9#O9)06%ID|vyEngfbueCQNJL8Q zPH-Ck2*0K8~+jxLpjAxY=}<1gJu1P$bl_=gT#BFl!Aj0*Bts>aN8XnO}lV<&<-HEaDC| zKaZAMBT@$pq8g~2$b1C090mnEG#ZO7W$5kospswN+V8cdn$mAyO;}#6y%4lXYaN4( zrQRw&o;NXSBN}|OcK@x#yTrzb0l&i-a(ymBs^9L@RBqg{WX_7v^)ztX3B4EY{2dIf z3zqv*&ag^~C;jGIp8);SolaYuOl2$aCZeY*2NfpIi=W((vdi_f$G>;&+!4kg8A@vP zN>RS#!beD*N%9SQ*+;4J4Q8c%X{nf8pr2?``!rTfJ&8ajwts<1{m}UJw8&2hfsQggxC@$&b*NZRB)eaNmrv*g($F6{wg=B^>` zBbIhm8D%h`Mio|beaSg#>esbl-D1A^u1f^#De*xHY}p6dty02xP(Mjg)-aA&!<0|1 zUY!F#_AjJf{eDj(tmj=TP=Eww-RY!{Tuys?Qm2mHA$V8r9got_(VA$J! zqjG(y7~s(zx7m#eL-JpE-DrZ+zmgjnZ9v&0ep^)75cea{*D7Jfy8x$3`WEQEO;w91 zj3ubs8t5k7Y7pL&(fHI!3)Z!FS2reBrEQ~tC+9`g%;|g}g>hs_Av-GuZRD#EXnlK3 z*%{pUMa40t{OUVZ3=cYmhZ+&qNXw9dnX&Rp0{QnFQ%PzO8~I?efPZ*~Wxz9B+_BT> zJ;`4J*in|U8bF&%sf10ZkIR@+XJy-7BQoFox`-y$c+C@lX>(0jGY#Pqj<7Du6dQPa z>YFWld_UocU*|kr=~|WJMlz5IWD1K`^8qUXMEZ@0)cdeAcd1NaQV6^G8oEV8snnrK z3SDen*RA z+J>L=3V^$PTt>l#p7f``V~l%3KR9zoY$V2U)&8dPw9k+!3n}qO4`pj*$^!~JeRJ2{ zLIjHNxmhfTd_%_J97cGvFyM;l>Wz6=VV|10XSHi0w)i4@%^0OwXCwhLy2*QBSJTge z{zdV^4*E%Q6j@19mRTp~S!NegNY~kC>shABD^3+0f1O{=l_Jz`ncMOf7`~{M$2zw_ zHyiEE9+JVKfFd_HPmZTMDjo^wiB5ANATStH-l}~I?LTN=ZRgw7(fwT<^1&9+_DtcCqW4Izo(+Fm<%UTOc0X2$dU8t~3mV4wrdNpUJ-X{s zlP&XMe*-$wJ&tDp`=KVoiX&%Be44o{qCwpzAF)E7=LQSUo%*+HdVf{ja^ECR}6p`Wb{X_;uRJ~Egzx7S1VZ82hiK1F8Gw113qE+g* zDE+|0=go?*2(XyJDt{5J^_pP%UpAk7_r3Of?a8O09Ws?iNg`sU zNA9zvO9r7 z_VC(9!%)PJa@U~4kgl|hRD)g03yk>tOeimk+rXvSxk?k0+_A?9&Hhk1qnqrwUPBYu zE3fUIAwrwx2JnNpGZZA;LPgSpI_YL9u7Twy)`WKRL0qobM0vuIUU_OVb9#!<>$^TD z!*cAZ+?EJB(u)t-iTqu|Ud9Z;+^U%LtKLNn2uW{!H~Z}OrT8ut?RKTt7{`yWj&&Wx+G_}~-a ziVe;Z`imT@$}R21MK_7`IzV2IR~#4mqfL_ff#*#8BbHQc`q$_JBJ#uFJbvn zk&3#P(w*@5@v`QqEb{8 zC&KRpp~tqxu*8;?_6OEV6Dx3zZ1G-D2T(R0nOxOlN#DYpeK;oqR@lu1O>1-cB8Xo@2zh!#nNSFo*z^ zKXW!iwX|23#A|MJ-KWO22xf^;X~Dbk4?rE-iUSrMd`O<9S$S0)+uEhscYiA?P-A8z z=kB})V!m%)SAQ>Z>tLd4tMu5P!})&Y)@+hEDDBm3Fq;7yyT1J6qu%?25jSbdE@W}1 z{Y={mjs?+10dUd8TqqkQTNFQv{RgdEAnl3Lf<#gCLx&(v9K!c=KfplkCS zei8>pc;0NNEBr>fr4Ek?8|RVa?Tda+^QYM@Dbh5tE>!EdcfSV}zW+~wB;f!3fe>0F zQNEw{2QC!m5f$Ou#w1^qXW42EX3ff|f`q~%o(OxqY}x0;v&_USIsy9Mg3I>$rD0l= zp4M;!ooL^kZq*2h6p)mkNRv}LBLnI$W8VmDs_H>29+xd;2|G8I8pPff0vQ>Z(?1@| zgWxTHE3E&i6mFy-6ocf=^%S;5DETN|nt|!L(?6QHuT@o5-TlfNv7UNZ&bn5-Ch%a$ zaC->&uogM|X^tqD)foFBs?2o%-1mJ*XbDNe(r2|i)TBOI6V1PSoubMQ;H`Vs=|V{L zaonKj%FX#`B1>SpV(s+8f+Dq_mTV^eS|QA6_!F=Ae#5Im+4sODEuH-{Y@RdvIahQ; z_-~VdiZS3Ir?SPw4jrhO1ljuwBzlz~IQ|Q0%BQf!2doeR&5_?y2ozYqHE=-YfTQ>9 zo@#P=w+{EzZqjgSex7w-ih=k(TOP7YHzR z8Tcat0usq3NuE?JMy)!qVW0JU2o^<%XO8z_lWex2o^s+`IciR(uMX8*&|xy>x?$_@ zfFs@SHq%A!2Md;@4?xRl0lbldvP7akJMc!ksEOVbQ8j`2IF^6Z*MoB2Og7Kr1l@L# zLkc)#ftlC;$JSRyMWME9(~N`+Db3J=64KpLQX(NOB_$0yAl=>4Ehr_O(hUlNG}0yA zoqo^k_v~}_e%JR0)>4-k-pt{-ZFf z+;dZ!9_mAQv@~&H#mtsQgOmA6Ar2LOgmN0cJxK&TpsFc{?$hk$EO`I%OyM#QBfADZ z2r#{@=9}CC_n(I_F2wTI==l)&UwaM+(e+dPK8Lo zdVlLBr+-}J2X@dT*psd&N8V<;Rw<@q&L>o(NN6EeMORsh^!qJzZu#^W6GH&vb1P z&d5m`VLd*AgTB>_CQ6a_)(E5ohc1$-Cj2qtFi&vtnEu@Edk@B2dE8A8c`+gSeuFPy zO7$jI4vuokL{Y*3o2OIzCPh%3Q_8yMWmXxTYws$7>Ie;d5&7dbYUO>FO=gw!hkYo% zUV~;}(@W1sjhminP=Mys2jLK_XLa35&69L?fBzTxnKpX zn?3)vf|>tWLGA74)<;IL0!#r2KFTz*w2+CCZp>CQVBIn4Bcp0nzUdAlJ_0D%RG#gF z7Qy|dlc<2`u4}49tH9ll9nC_?i~<+nt@Ud4@eXZZI?FwuvF`c_duo| z-bNzBP{%P8AC}MsV!%K5kZ3XN3uGv`-qJchV6qLN2bufV2nzlmmQ=K^@0&u(W$L&| z*1;*DJbhw{6otk`ugUh)lrPj}|4|@A2|smVeV157%Orv5{lFKd{1g2XGc-%}uG?D2 zdI^Q|lU-egRE5`jWq5~3LC?`+Ppv9@*$KpBPqh`3RL;6dI1UzBP!5%2MC8Ro-qJlI za`9fY@^^)aaOOnSEu|xR%J^(RP@wj(NfLt#^5A@Xl7p6--;%kHDn!_nuFmuNt#ptt z(iJGn;M{LRmCvOGLNqp6OO91^|tJ=EK83+o0JYwJ#zdob= zh()*GYZh(5;DvHBZBy3#x{1J{Glo5JC!8%)K=%k!=*b4RSxtuz+82sEf#5_OePYRw zu3wF4)7{y6+%^-BrR@-0%AQV)X-e5ha`Pr#_md6dA2g~s>AgLJ>=>3I!u~|4$f&ps zmb5vg!$&?C_}|*DnI-^Pt(j zjgitu>|T?J`U>|o=arY@*%Yz!GA8*Wd0O|KieC4?gjpcTcXYX)g>Yqx&;6NEI*hXS zk@x+9MwyPG=c%R}K+Zoi61dOw8E_ox6r!i9EL5w+M;L)u{K90;qTbNKi7Z!}htL;= zU4&rsBuf(hHu`gw<40Ym(KOQb`k3Wi671Lo- zN`@VrNls~2p4doiwH0HaL1%eljd8?l4`lr?@H>VdQx}->7+VUENPTtC4{%lnjPWK3 zo+V-TcJv3NN-<1CWZF`m;>z6@Lr~|P&OVL+7t;N>af}G`gBwTs*!x@=GFRV0T37j` zeV*pPSl+BY$EC6-=M}H3X@DUQ>Jr?=nocM5jv5zkRlJVV7LpZCfPid1V2aA7lPn3samji5>SgBv zSEuL23Lu;E#D7PyLZbr_I->d1l*v9IsyvllJqPlt{PBMz=1}R@JFq!;GNA`j66wo; z2t|*;^iS^t`NS$53cdlTIILbU@B_m-oQ@^x-(q6GRhbn0cZB!M%t;V;P-Eya-=^6z*9*+9GoK4haz6omWyI<*c zp!XAdZYdP;uKx{c4>CW&=7CJdIW3tiohVsB?^!xHv_qxe0z?If=iK`Bmt#VJDVb1L z9!|K%ZI@UHe2DS=&bN_!1{K&c-7{)-s!E)W&KOU$Ni*;KLn^XVMNc)3$*A#@158Jn ztjAebYyq`^QV{5=4!&I%hu?uYi4s|W3C z2I2NyWbaTbnZ#r|hJ^cGklWo~Y)2-*7J8DrVbaVi>}Ut{{3hL%vO#Ilnv0~phERrt z)SI-Av6?L2oRY#W`)!)2oydYO+rXwP@z62j^;BYsgm-5r`Y&M^=2D8ESnn$G1wBJC zh}=Q6rzagF@t}8W!DqnN0`Ce0oUXsWcDnkRQ_@VL_tBeeN$EPlQ!}J$`kTp5@quBH3IR(|JcLw3&9)_MRlET~2(EWCd+uO~GZ_nkEQpfMCv8o&%nJucUhUh8+0;@B^SvwsD6-V^oX zG%BzC-c~apvc@uv8?An$f~daO?bsT_V0<$oq@d)Q|G4Ky{- z37U@f_e+d7Od|n`%3SK%bOzWZ5`^!tQ4GXu-An5c- zhVK0$NImtz`=Zq9%S!^(E~Ynao-EXS+G7sU;WqDqdg*VEklePHe!)q}S?O1g6yl7;kvsDK49&&wq5q0Ryp zh)qX*2cwrnA54!x%6iej7&ns?X1nN%ten((yK5g*F6n0Uej_JXNuHGH$d{`{Ae07< z@0;TvOt6Cx?E@9zh1r4Kxkhb7Z*A1@O{Z7ALdFx*poV*0N1!HQ(IoEB8Fav90|~tb z0<~5TR_-!^Z`#AfaX^`Uxe^TJAFcPj17($gXxNFJgjO3g6CDLJ9@i+E2*>)O9qnGg zN}C#q8NNuDgMairtWxoS7Y&gIPl(ShgYRL9;bpSNXkMvT4B;>;Fdbe({L6Z7aT=}x3z+}GDtaEKhz`sHrxG*hPO=`=5Rzp55j-Q`4<zW%OI}7=}V?(vqciG?9a- zeL4}hopW5(N;b(LK0k(HovKf?Uma}y7kw=#G8uG~7ME5$zGW3n`|WS^4|M9srrh5j8tc5YXIz(sILleyl0~9~zpi^iE8a2!G6Su%~-_gY!z~Sd09ikXxCh(WTuf7k+ z<}D+0P>yXJGG}T+epf!CPcE2V4#X%eGBL%hNdezp612are%9iXV$Fcd?C_^yIHjNeZLoWCr z>|`@mjyjZ-EKe&~p3KDsRvCUk5F>Vw>l;%tu8oX;49&D;2Y&T1en*lSM~y%Gm=+Rwas>N=LdF#)sedK@=Q5f$k`v+|;x`$MdyQ4iG0{0lC zxnJBV+8n~hOji06=YK~GN_Iotkr$HkBrbMhe{P)Pe~s}G3W>nH7BBso{U;>O+UOA? ztZzTK_1-m}bkgHrdpBJ%W= z@sJoDGhx3(NF_rQjre?oFU$*86m4^hP*7kgCycx=Gx`MFporc+FF9vsltKZ+mkffX zx(qk1&ibc4fh$G))cSOPT_Il_Nr}$1<=3fX{U3A7*P^0br$|Bz&tv55m73o^x2LF5 z>4rB?2tV+%l@_FY@sw0lpk-98H#e8A3d{9$F6vfeyZ58X=#M$2_q$$GK28OnN6RBT zGuF~)R!()Q%HRiz3AS@&^+v3^n2Vn>O{j0(-4h<3xNHo!f2_!RjSv{G5-f>xrXFn5 zbPp5ryn<^eRnMNj(1nHJ2_2r@oR)dxx}lvuJTCb3p^$m2w9CBDGnXYMOrVfCy zWi(b#>K(ckA(K)FMp(j}b~CYP8w%+|$KB_~j>lw^m9H62EM;Y?N>=NvKE~y|z63dG zlv|o+#DadSVl{?Ht-Fo;m~hoB_G#}k=5^%r$lf5C=y!#)K^l}CKK#Ao!>!_!+Rd#g z;Kw1vqCe6UI71?=XPyGfZYMwGMBBaOq^al$YY9J(?VFEZoED@jZt*kRXOlmh`tXH+ z)sY)M(H7o2S^mR)|H2Nt8VBFf$R4+=&V;JT6-B4qb_(;F{zZIQAI}yf(1~&kOlN&?+iiY^Q&e3R*>cQ=>6btNq~KuTzewie5{0cJ7~SSBo`9@QWed(HA+ zryph`^Pwn$Za>U$r<0L2n|(Gql@O1EgA#L}o#l^t>09Q26^x5&26gIBDl z--WMOlabsI(V#h~VhKVRQhk#iagot`KwmezoaRL8^oSaR>c+tNREhj@E5MfAVUAEJj;86VKGpB4G`5>Q?f?USwQoSj7AJiW& z_uiuK7a8A%KiXUz7$JERwCX>lUxt2mn%_83lM|=wfW;>6RA7I_uf~yt{d_RP@ux03 z;i3X>FcxR{4uv#$j20cm=^UiIg8s$jIipvAcL(Zgc< zB6It@^82W$-(Wkk%{3xd2|dT4_U{I0(tFSCIjg9%G&!5}UuM};5K7*3VKKk*@x`Z= zy$a~8Cfu#bd1^^fu31JD?cS224cIj}h7a@|e68G{I#$-xCg82lR+t7Gd^p>OuxSpp z$B4_Gk=NWVHR5EO{0uH?)FOX9QKb3EdCp%6w^w6yKpzk0Ltq<9y}$gkMW&ioYX!Y` zeECt^`FYPfL6QZ9sNz`f8G%ySsFXQ+{FN9{?fQMYVnXWrMML~9ANS2fKIvu`(IW9p zgcwB4W{3IQc5w|;(oU`n;ooeAofBfeldCB5>6;y7#1%}mVAer3~$R3%D~`1 zjl&AF7qaW}K$;ZdtZ-rlB-AIB4_Yq=?Umv^z0W!CuD)euhuq zh9)?96P~QG5+^Oxy!gJ+Li6QrJ|H_MLUuTmdSpkh$@}oIf=v(a^^noM@9z3l`s&nK zRW9cFZ=wYa86|JShO+W!-mWI8>WRN^S3NrH$Xbo?!ZlyrWXo5$-7@}&HmQ~zhitsR zQnmCjw zgpDg@_Ue3}!@lM6(;VaGenp!CrljOW@K%5FTPdZNrzH^&FFCvpu^WK?i()4)eh@mp zN<9yK`u)B1vZkZ3H}g$88b*a30?7M-%6pFsnQoQk#T)R>naqphBA@dLYIznI8psyV zlx~w(u>sK@NU`C?UR$$PRzkNypGXN-MT`-e$rHoHHcIW=j_n#QEySrCmIu|eIr2VE zep%oLxdGZ7eDCRg;_N;6vUCSc@iyL)w42{;1x(5i_q4R~JuvkoZ5$HVzW>QxJ8jsO z5}Pc?CGPcsFY4>|z5iGECWZZ03>x0A((940D0 z?`W7NgLzJ=C?m+fDKsOfsl`Y0M@9KMSs*Q#z5 z<`}+V={8(Bpy}$CGnm}9(t|O>+cnsRq%Myhh`Z@e%xc2M`q28@#wf=NrV(!e=4$Kg zl(n1o$P@p1<9axV-W=b!V22=}7(@flU6Y-og&dhB8`4%pt=4T=aw` z{+qxhijS9%Z+Ra>Coe{o&X-PGVQO-A!>0O#3*_k#!IyS+rRnhH(BJJ(e(S+PB#PP% zJr189FH&7emS3H2Q>YVNOF26M6~y1ZgnQgMr(waW$=nj3u>w>$N6i?1BiG0>%j_ya zcSP)FWtV#+n{!?L4!E1%59I6pde+Xds-`^M+)yvm%I+#n9NB;NL3|+Trg?r)hh^C1fk2LWkj>Q(A%=VM)TW2MhapMKUwI5$#= z>AlHq?~l_XAEAd|l4I!FkXmMROluwJ&k5PahRlyMY9RX5cCW__1Xt93`0eLs7tOC> zbO)4yyLbH?(jva?xNIS}pevXf3vZhRe zU8VpPCk7Lj}0NjEL>3BwN-L(W`DYP-;8(Ij;R*r=q! zOneDv`HWxvvIi40m}QtAQ8jri8#_45PLWEj-yH;t_a#3uU3Mhbrl|sBl79D7>o?;Y zYX4*&>)(?03ICkX=XVI$d4>A2GTQ!Gz8}K7;mA`0r9mz5xYLZ)de#m{-jmaQ0%B>H zmf_dUJ>C>{0ool6hSr#@2kMEkZxh{OP@DiK@W`JUYgAhbbIkGPJe+00G8u@Gt!=I%_bSv z-p!lPU5V!m!}#>te%3F8VsAEedeB1~p=(s~u&x0K@$M`!{tDA8Zd6d5qlzVHMONy` zsZ|~m3!+pUjkvli`^EHr-#WT*PraTm{^ZB+F0`1}(c}brBjHRgPp*_=jo1pCgGZ(7 zbJ-l-TYha*?#IOXbaUq-^-e0)H~}Ebb4P1J1Ao^PGnTbO|4>o10nYwjT-Ar25)j&l z3&>n!UbEB`XtL?Q^si`Ms1_C0sXoRrrawS=PV6~ac7W6Vs^ZNw7yS)-(zC9JAg+yx zS0+HlC@J+^B}0hp=r=-vroyyWmgwVLg{d5U#5pKbe#e0oo$OC`BIo{ucuJ-7;T$d| zPuY-^g#36=WIIKToqk|OZY$Xc+roZg;ju1(=IhegMiv_APZ)JC*0!s{|J7Bm_}z1N zEY4$Sm4>UUr5y^~+|RIT&h7n-gMAQ)~INBVCnSf{cR!h$zht zWwjen&Aaf=I!McgI$d|t5l?iRG)V{xmImG3hOWIMNOsmo$6BK39Y3fr=|8{^`M|I9 z^}X^ZA(hnFf!Xk-C1#nLM_Z9pcOTYT;*y=)b3>ct6W1SY;dWqt%_-;v$`2K+$4Xh1 zz1;~F#{~z;a?D}*oAW!NCss8IpsDm8gUtWk;sz#N9 zLAwpq5^aoM)ICkxgnG^%jq3gK@kf;Au~(FnfcPz>epGQHa^?ZorWIdUexese!kkB@ zIYi-K_J#XbL8d^y>q+n~uvr$ruyDQv`p08cUUoy)WpxjfxFdMCo~-<&DNxtf5E=Ps z*F$}Z!nJ}{UNKqFYQv}H8DayUDmTtQRg>a;^{(Jk^rfB2jq0a-&};1DlMyz|F8j~9 zjlUy+BhD?BtarTcKx$JaN_uJHhpnrWqU8;B@y3_QCX8J-FeYhW7VZ4*;m4E+C2r3o zNBh9tDvKe$ncLgrx!%O*C=32Xza|{+Q(~{*p9BrkrONpcG0(M7=Ino84S`C|Vw5W5lbs zYchQPIn(`{2S@sGa<*`nu_y!IJ$2jH`? zGV(eQ`X5c|J4a4G@F$7#50@Elc{XV*$|TLH^j4!{Ug_%-7EOC(XYK%70qSpiQx&M; zzfHQ)MpQbUlkgW!s8RRU5V8>~aGT-P+62)?_c*0GFD0ki{oK>Kx{pFPd?+b}m?~CX z2KqIh49O>!YxYC%=|zeJO>1-R7sVTwcV7C07v&};;%QBeNQu$Jc~)F%FmFALF(H4X z8}$bH(&V0Wde^&YHxqq5*xbRMjer=_luDn4*k&iLU80uoJq3gcRMF!1Ng<(~iPT?mcG z0;k+W03EeR!b!%*=@nx;6emLSC!ZA(K}RqQ`w*1_L-};)XM*2rt`b^`%$lvp!wEh6 zl&Bs;Yb6+OO`5SR*Z!K0C=9;are?|5 z*xYq{+H;w|}_ zD&=(tkS)hA7)$@EwsoQVf{yh_4zA;-K6L^F>Kj12_*ZWrERbKPq=~8XbOb%rw;`x? zvLg_C#VInMTqT*~SMbrDgH(Y0C!K2Qj?goYr+;85_iiy&ugr8o>m`{`{MA?+N=F8u zfoEQPHN6G%RC$zGzv(W^@p>q})5Il;-ujwsK3>O}5#+#TgsOu=Ab%>4ljFa823J|e zlnLV{Ryi$b3D-eOi^4{+do_i}Q62(sS9=$La_R1q9Le}cVjfMXg$;8VGa$*FO_HWW>sf3I}=6?HOVrLh03)ak8k z^}JcdL8^>r$Ki#Xl;TtAZcJZi|H1&>r$d2au1yuFL-S25hFKW$= zE7nP7>nbo;QL2DdtzyzipoJje!~UnH)Vg0eSKx#v>odVFyl}f~ zy3Y2)=|aEN%X2}qRF_GmbSo<4k-yE)g;PuJ_Ft%1>@%n2sybP zuC#5n%WiMkE@mc;8e9w?0EkD?$yPHR?3D*@%BzIUBi+c8Koz)G@bcbw zHI@<=5xx6Q%@_H<*Q6gT@wUVUjc*U=%o0Wd9Y-cY;`@ZeHe6OEypJLjnj;h1SkE4V zW;+<5_NfoZO?DIoDQBDmqSWNcTDcfGW8?x!(Ljqd{=S;WT@v9wdMuqzF*>ARP+(Z^UH8S)yvZrHA9OR@QCb5|=*cza)=}A4(Fc|c`j7GFy{_AdlZ{7z- ztAt4saS&H&eq<;UAHyDbKPkOmT(yRgN&nHJ`$L&+w$a zy-KAWDCs%o_|!|r%mW=xb3F=b=x5* zb`qgx-$j<&6#4yh?!mf$&Ms#<#mlLq*ZFtH+S-kS=bk^(1z(Q?c#sFbW6EF6A}vTB zhz{=C$`^-+Mbe^>h4@hP((+HRpmN~yfq&r(!3U*lV&_O2i)&lUL}w~7|MUtW-joVGi=ml=xdhp!0DldpeR>fOH#6Fx2^Vt7em7@}nT$IphDn&i~vUSOo+C zb05!(=wZ5%Pzc$Bur%DDe>QoZJjJT=4T zXuk|%lVk7EosfeaNr6J~?fK@$)^UBge_MbM2`rezGC=8sYAT7K^mV))1=CMVQyK5O zt5>%{cx)$>#D4C)J8rq1Girq$!zxEJ4e!f(&KybHy*iHuS{hl z@qs^$ zA_0__5#G$@{An6zup+bB{a%xA)N`%^=Op%#Y)Mq_MklI&SiHaXR6)k4OO>E~y>KoR zsly=CbBpCg!}^DdhK=R$d@<%~NnvbS$JVRUvbDOaBa7h>?CGwK_7sK1Dkve;$75uR;di-GG?w8f^5-a}WjQ@IF zz6>xm0A*%KPx`Ecg0ekX#&2Q!g_a!bcN3Uca0GA|$tZG~vm|A{{ut=V`rP(*p4vE}W|Mc$oDymEUOO^Kn zL`t?Bt_M(0o5MlybM9zWv=9joe1{c*)gGblx(9FispYw2$bamdZhr!+I)I1viXgXu{=`}xP`VD9A6Y66Q>^A5=E{rdlNK^{V3hlJ?xS>9%7 zTi0n};fq_oEjC=e29qub;iuI)B<)1H;isYkrHyy)ZhO-f<`=};kUlU3L+F{I)==SR zO<^lluNIa@_)oe9$?uXcFTUO*%mZ2n`Mryn?_k5A3()?E(*HBGL;mn;I>jQ@AR848 z#j>Ggk*Zql+N1GP^m&c#*S(Coc`lAO(j@h!8a!WvTfV}=lMP=C^1P=M?ed6S;rjQZ zfE3XswDM?_d~RWH-r*Yk1fZxX zV}}P=x_L5Ck$|(kx$SX7csQG3{czJx5Ms18@ffjA*U2wG3#fG0V<8Xbf16TYV0H*e zDeU?=(cTt|^%oSE#wiL49{si{>yH+{HG|eWjXjinh~=V^oWj}^j`H$U^lZv0@QGWi zY-cOGS_UaxyZHzJVsj*bl3yI&ytmPh)&r>q^=ssm4$IA82>^(TRO9K&HGZmiR5E%X z4wZN&fx)r_n$FphwL)J28cr;QySHiQijS3O-asM0bc;CPK|p7U;E&wScmMXjY7t1G zG=}$NveA$O=yk5oipvy3vqr}V^QC*E-V!dD`bdZl?ztYb)j>r3sV9k+A;-SPmEte@ zv-u6Z=OETbrAw|STOr7c>|$tK9<Z*{E@MyTLDJn zv~S}wS{n;03cTGP{~qw>rZe$xEr1YTKI@652Av`Ae;aUEJlM$i{^p@tOc|J5vsVf2 zP5=oFS`5o>-McwP`m!c<>i4U$>h|~HTC|P7o)uy9Sf5xntj0Z4?Ce>7K}bEW4AGbz zF!H=QdBUN`5#pcr*hCS7O{*COmFCkQPV|jAx!G^w=4jk|-duXMRq@p(>+1t*P8N=2lLoWUqvPZa)n2l3oOWJO1^hM(~jd#5bpk-@F)u z2#9)t!4U+fhj4%xln~nYzFilW-61pi1v&LKKDukWJ^x;9kr@k0rTtbG>FuHJ@R(1w zEKuG)wBX50pg8^OUhKyH2NC@ucS&clyO(@+Q)(&#^Cu% zEE)ZU-fc0QQt)ujT>MuomnVe6;HBP-sq?2Ew#eYMs3Y<0F^c@5*Q^in(a)V}rnFz~ z(N?c6)fRekJHA^-u^+Mh z0qH17^08peZ=JayiSR@=^s-SE;Xw`DtLKjrZgfh?CBr{JI&1)%a;+$`#H(ul{ZLc+ z6TLDyOSDq}cIJ^OX$X^(PEY->1Di!WHU9Ja+lf4AO(8VyHw<5B983aEaD>nG1*JP1 z4O0YPWO^Ja^e;5ejNQw5B@U(>t}H#VyMf1#2p4`>>o}TeCV7&E?&ApA0lM*_HvDD2bjw%=b?U}i~R`d9prgCuKgPwFQ=jidF+!i zMOEgX5D5W@PYD?hyxc9PNlt+p@>Kc}Lfgu2fC?^hzeL8mizv82volY5$G$IbRhX_xold}Yo4pO)m(V52 z?MW;7JxjhytUnawaUUSH8p#WNPtlRuK!O}VR;$&4Q3ia{_c1~tiSG#zz>wY|uC`o~ zk_>Y*lAaD=C7{6*H2=E!a3EVMC0z)m=qo^v;bh^eKSvvMNo=R1Xqp&nswxb+ZZd*?jnM-vk zkvsv<%4O$ajSE%ezazLV#NHfAeCSnjLt|Y_@Z^muB7HpA3~4J~M}TPY6%Ul$PoBr$ z!>Q>GxSqBeT?JIr#MqCr{pLvquPenG>KIFOifGl!ygUUR`=G~CbFs({AVTZm-gqAn z!m{Ka;R2)2z_^9wrS*Q-oq4;PCpVNS`=}s1P7+7Ey6@m$@gz(aty1HA+jSJrFM22M zNjgq|BIjnY(u?~&RYUA5**y>6tx=zg3TJPSxjNn7_tUMwT7s2ZjWVU2p3PJ`jkA_5 zLzhLL^7=%LY8*l@^7HvoV6QkQaG#qnrPQjr`atP0nzI@E=spDus|=Eod~=9g)(yN< z1KsO9juxVytAhtOW%qwLbhC%x?s8SHOz$j0l-!o@xh)^|D(7T@ zNg?{5P&%r|o+1%$pM!v&$tKHgy0W{NHiP&3$SEN+SNae(F*^f=Z-<|s$&w{5J}OzY zj6%+hL8Fvbv2~60NTW8#=KRNCT0aNR7qcP^Zyp1u_;-27w^|lhS>1OW6xz>$7&|Hl z{!|x*T?{_GoYslj?9fvPrI1UX*^LxQ`J7n%h8QSu0I5uV!q*QpQ#5H&@*!`g%G>ke z`Dsmx9#lJBI?cZNBWm$dZ<*H(7!%0K3-?B0o7%WMqN7 zS!gl%WPLH2R@TfU7apd#9rL0vPTyrSpG#f(c8lLq?Q13t=x)Q*@+P^t7Ge2K#8HM- zuOla2sSDT!c_T&oU=TTf9P80qwyF?xl<@7)zmFW5ZqWoJI`#F=FKbq5555hg9G$n` z4r(lZd;ZbPFYM3A2o18Cy8BH<@2da#!nrjNR?;*FtU~hGeGzv_xN&FTm^9#hp)zHN z^kp-W)745;h3wvJevZLK#{Z@K^dq?5n$lg_55{Cp{r`RHd*H4`H(m$VJR?A{Z@T+> zb2|TiaGIla8LMGwU0hXN8UD)*R_@e|<+i#My!O4pxmm@iN{fx`qr2+55j;m@bVq@Q zE`}X)lh=hO;uqmi9VZD3yuY(RQ|VT-Jr+C9N@-ga;<_^|DIXOS5Q+Z3mmEB4HLzj^ zBD>7Tno#)qZrz$H$l?n37|FMsL3o^}IIc59O2_Ga=izn|D`)o858Y7i%V%Sw6^-l7 zlB%IZFdnhY7Tmc_pEe*jYd*L&UP(l2GK{TWmJMoif#W=okAUhv8W1A+sK7OiPhFuo z@ZT%%mjvhSD*{L16^d0rVk_l&{)3NFR>ta_y?7+6kiRnVZsl_M(?QbWbKf1*2tP8YKWS!^r^0UO5)Daht(tl>Prbf!4YBJX4!LpW)* zpO9t9%SdwGoBzJ)4-wfEqtC3UDE@`n56Xt)C}E|QA0pe2FKt85Ro!b7zl5Rrb|Si?L@NwUsRs=ssJ%rRyMryUBR6m*gS8thg)elSX0u8m;jv<|=AZ~}>8EFsxu zKj3(xg@Qr?(W$WU|1W-oA#AB%M`vV8SQ{V$vDYoQ7hBzJTBOsy`*U}mf`vXqh2(q7 z>TwO~$=|9!XU27ONR_Gg(s(z4;*z0I0W&lbVkU%w0GxrIG$ATkz`5w;(r9Cb$`5; z4U+&uu>d?pS_U)2*DEoUEFOEd z5fbzwsFF!JE%mVp%zu%142}W;!tFJwEHYp zUzJXM6N?RFaPenqU5nq*ia)#Xq8j~@b}|gDV29wpD9e65n5v+qm6$c6|MVX|1yu67 zR9~M7>rtT~=N-04*66!HbHi=YU<+vA}%>3JkC-F49NZh!s=-E(4WY+u`cd}gc2P_nl`TTKqPp~RrE zR+WVvxb45a8q67#MdCqUF;UhBNeYii|6RuPNAEv(M~kh0sM_ZrE27D0*=(KnQoG5B zUGH#n2mpg^ULE9Z0OSHua0$sl#bSw8Eicn$d!m#Vyz+ax^$s~DdR4MvJT8wDYQTKe zuf-ce)qWBfHC8iPtlFiN*8Fz=s3Az`B1)xfUt=Rfcv0k4J-(>?F!tnGJMgAm}Z z@sJA*SxH3_X)ud_sJPp8dpy2k((utb4n@zsf(Kl{$Sl#9doPF)($&7%RR2gEus_3o zN`z$&^ZaTBe~AZ2{{WHWx0@9hvzt}<$Cf7`wp{To#Um~)A0v#_~71Z63U|yGC zS+rcqMeIQ$euc7+#6_mdJR7n4{KkF~GU506z&8k!*peNOAt|uezjrgv{SwjVI)S=L!`@i?Xie3@{|;0;fz; z2&O8YZg&bv0*zj!kYp@*`tX-P%1?ecD3J0WuiFlMY;>BtzpEoI%C@UIC#be4dkPhD zZmfRJbW)ys89OGo2&jQazX4Nu3=Hn1;iX6(X;I!BP-acBU(lIvae6*PoVv=*HHh z)>DZruQQ#=i4Vlj4AAaV3c$FHymT_%j}%y@s(OoQQ897j99Mdut^deqo^S>sr|$)< zT%q|OM%~LwA!N#lF)*s2PVJ%1RC&&c7F+!uFyuOj#F!%oXxIe*ik$g}>yF_>I5HgT z%!ePKQ((-3ey&c^D>l8_g!R`0^7&g;r7S@b#=yS(nRPx&Z@JG(wpu-^DsE7!g>M;< zJPbUdJS9pn9!(-~(Rrc>iSw>2o+JO8e56}N7=#G60vSv_gQ{h{3$T4FWqsg@RMhQo7>S|i4L$l zd;_--SUMWoaNUB(il$CXoM~^=2V?TYm-&js|1qL%qL7{817kQE+xVo(t(bRN8S3?U zaLFq+T+Hpc;v_^lJSf<8?6C=8?cn_TqPK;DdIwNpQ9@IM3goH2Q6&=^d#tHBd5tG_ zRbYm_5F&8|y>Qyock>uw;C6GFKruvK>4}UV9eegA&K(zV(H!_u5)`lKqa4@20k`9 z!1+~}DV2jW?=|=SEMX5Cr3KnO>pzHm@zBZZ{w_B4As&?3%iyYpC3=UBY{~pU@!RF_ zk)az2v{@gdzWzGR_tr8+~$@g!#iL zoAnp)sDy|r@lUrVlRz*!XK?B#RICM+>MFn_A>bo{{ZFMLrWRpDW=hRFbDzE{a95`M z+0VOUdU|0DQLYYg`U8jgly_+xx;+J1r{)naMaC$iw1%+QKQSCj*Db(ysS_eYTYzQc zTFM;0(=DMj0b(*Z#ZNNE2n#T){l*?a+$Gs`YghMmU-nf%!OKPDUcO^;;Q4Ny)9OK) z(Nu&l%@AyPK_MQm>{Dra6uYOdK$^w1a=C8)tJ-Q!##B{oji^D3*GJdpAt|V9_?}2* zOH`>z@sKb7ghpb}u0BJ#wsEZ40+RAUA+C@5=`e<}-A}hJAANI0eAr*!SRxFOV|5G1 zj7QU;SY&v8B_bk8C2Trx$8?F0rWq4)!oi=au}Km+9(!>#g3XcOUb1vBol0<(4&u_E zrakfiYGDGGr49rC9X~A+Rk?B+AMrLi3mGt3AHFBOkHqxdnt9n9WQf>lQGW@v8v6x9 z5Id6;2u%Kcx-b+LKM)WRZ9dfEK7^#dJDaY2!Thtl4y4hbweaCW@gPDb+YjRZ-Aa70M38I9!PtM%}*O8?Z4L>km}vw_tOcmoHq(`JdW zF_Vl^P3Kq3`j=I|2O0Gy5s&`wZAXOuTPMUesjtx3h0gV-4db4#)$lLmVSD%;u5X(7 zw*gc#BJNLBdi8^zZoqW4;JMSZd6ELaF*_6fRU<)$vE{l8-!pY9;N_QQmf=|(7!(41I%*OlNMqo0m9JSm`@*Oh=)$)?e=<@So%9EW zqy>w5^Cho;^TR;u4RJ7mI%O;e`xC7BY4QR>0D&5R^J00~{}g9m(x{%-v8 zV_@)xTq-RLA{tKPONW_Cqrl>sh^H1RL|=n_dYC1nJK(pi1pNoP^(=9y z{YEoYC5}2!qCEkmB>xM`Fn&1Vdz^h7y9MjuCB3hH*==Gt!K2`2oq;_OD*A%j;q>=w z52fHC29f)B&vT~PKa5#)^@NRA_&vD1<(_*9$Ptk^9sB|BY3Vas;zc7SSuBApkx@o| zhWR7$P^~Yx71>j^v!kn=tZQ1K{~DJm;6%bOIg-Ca!R2IpiftTd?>)BDEWmt40Beed zKvze0KAQxy8aB&u&&;@;?@cT90_9?v<8!Wm6JB6(1e&o|{5k--76|98(i3n;nfq!} zqEq)-hRz;NZ~lMTBpB{Q9K0KN194K{-JMlC+Zj8TkXuS0z>1%5Tvt!TQDSmRym3>j$K9d%og2a z+h&q7kU`mFcfH7hqte zWdNb3UZLRgm$^Se4ew+Pujy{%?{T^HL6(X{&$FGm$-nC@5iAPyk*IR0^+aORu9X&r z5CF~bj#Cd2w#|Zbc>{^7Lnnc&7XL%tp{j5m!zA?0?NwyQ-j@aXEWh)#nFA3lAzGgw zlj*O(+&D0RB=+Ma&<~&!~~exCe10Qu(2=Y8p5zIpUA1RkM!K!~Q$p353t@t#;o zo2q!R5{>f2C(Mi#gYZYF+hd5tmC%Gq}w8)O|^`Z4KDatsG&F^OcIp$?L+~&i?&jGpedn2CtI5S*Njk5_TaC4IXVizzR{Ef$yS5Ca|ztP7jfYG-WyKM}D zaT<2`+T-9^wR6AaPE@mw4j6$jp*t;TE2!hv<7DmiBR}0*Lzrd_w97LJT{O$}d?r32 zVYMy_K6Px^JL*d3zGy%jk!Gj>%(>^hM9YT}$;$R6AW!A#i%|%;B?6sa{ug5Bkpsek zO8Jo1FA3_yo92ULZJ?Wl;>DNt2R#%jKkrY9-%hY$iK5FjN+P_JqShJ@B3?^~#FMW1 zKC!VuK@tb87c?I_{h12fZ7QoAIf!lgW=<8V2kfeuKHknGeluSU_xjrF-)U$gf6z)a z=7mbFjC$&~MAB;XN;+~dl7}?IIwH+uZ}DQ`;(P06b0PWZTMnc$#k6M%D38e*jf{-+ zZ+72P8$yUduvg0{x}DLK&sV~UB)B0OVu`AJzg}#V@Ysz@yr3yC5YR%6!+Z;1a|sEF z%NO6y$v`3ge|}Lc${$BWY(Z$MAzotHz5ObRHC4pm zG~iLJy9-L@QXVtOpZ-{BA2A;v4(TdycaJA!=U0 zQdzlfgwzBA#skTJ6SN0V<<2+0U^}8rI!f4B*2fp>FQ|8-34p)C2@XJpJq>--(=p~{ zNYJAtMjK2l-mh7#Q}&@p0G5lxQe;-5p;BcmX;3)h`{(C@!Lxg?IadmMvcH4}QouyI zTdk*t(`JYL9wsYHe^(lHE}B|rQ7f-N9Mtcgw(uRapG4C#FnHA!9td6Z*8q(&*>q|T zXYEA(&H@E&+4=6U12IJ%dmwvnZvE$2?$uizx&FGx4mi2$*bhK~2<g$h2d4dXE%nzQYCGubbHFX zb%5m${wbP)!%>8EuhT7A`n)vgQ*N$LhWX7S_{IbK52JZv*rOCjU5gRK3<6TX)h!qM z&7NK&w*yLRK!G;KN}9h60m~+6q1&cO9=A0;dyte*zi6M(^!|s zAYZULxK48Pcl4!oH>d+BK%`$<1xT#%WucpdkhNdAgZw#dbnAoI@?a5@{rKK{O%4?OVFDF26hr( zo}Db&cDlluXP*#5@kpiy^kLP?E^B}uY?|NL0r4e7G)-dpv{;ptCDarf$nONZVowa; zFi*by5qtSPBOj?BT98l}p%rPSaf-E&zCIDH-O$<^UHMbx$?6QF0G`*$9|Kn$~PicUmxAp|AJ^XRBE+;jQ zKN>vfSf_D1e)4{JFM{b1<>mp5-GB$u9m|Zq6fyXgb>K=o(WV4?elxl@pn{C3_}9=3 zA@k9qxVjb>T{Qg@lB`>UNpo1kRdl3;q8R|c9QjT&g_0}=6YqHbiEQR@55KWk zRiDHN0`lGQ2EcuU*${ZSPK@961g>q2I($Ld!NfmLc})@CRCzZN(Gsv|BuY{G>Cy)j z@oFM-SpE~$zfi{}CFQ5#U+gWE%yhd!^KX6gQZ8ysTlVsHAIVcKp^052VFsuxJDVDo zD(Ae^e?RB;&(7n%>Iluk-A5=9eutygWEyt6vMDl+5>3u4>w6zz0Jb+NGYb(Vk?@&ML z@XN?(oD{5#s)bT#Ldew+F=;<4I@n1!4R>Mi<1zsE@dFpII;b>`R-IG+?M{qeX&KoI zo7CHz3SWXewmNeXkQo{5Y-eh~x}xP1OhG7aIs6o;t~Wg#%^}R{!Xy6Y;2~l+xNOC< zIPid8B{*yvI5}01u=Moy%36S<&FQP^p~1xbv-6HVUFLty9UB|I{*Y3)F=bIhKxI14 zrMeZhUtbgpToduTnNx0HYep4^(&A(ffyz$x{q}gDyPXzI3jyWtY6Zd%EvH*^(;8W= zu~k%mjvYQZ4Ctae__|*^iU`bYxp}?^zY*Dp_I$U56VF5{R&1{tNs13}wZw(r{++rZ z4q)w-m$Q>{Tp+Tkij)Hji{tI-_V(L*EI-Dt?j{O+;6W4+U+kGRVt`2d)y7As{b7=d zj|DfKJlLXo&8{c^!V6Atc!=m*+3;OC=~$nct+g#0xBFXZjag@1cLUz+kM4`*n-D#3XQ+-&K!TA zvmZ+8k*N6CT4JH(VK>WTWKPQRXVL(i6kFb%sfqVD9Q&Y1DKSc^g_>WOe^nakIQv5~ z(p0%Vf_R~~^dIkvPYHxm^q7ncl9fN)N8jJ6A4oxRT%8y^kgmAfe6fH8QGz1HxmH(W z)`7NOv9&+cD#*y+9kd>^8YA%9jrUkL-~AIH4@E$={iYhP6d2mAQ<_34o;%SR5b%mm zRYv#IydvU?7fYP`_3PKwi|NPQf2|FhYo#v}Bo4&_yBVo)pUqgf+5@jotlK}_w0n?S zeS`K`_0@Z6H2Wr1n;R=hl>D_A&em_5$LiEzOmK1`3tI;08rIT4@{Ze zxEY7%1JgPlb%jq-Q4!-eC@^|cc->3FDxgW^^}hgG*&NvF!eO`8g$54rd8gnN31cAZ z(b3UyOp3wO!Fdc|3yJ#R@6i2`H}YJJGl*D`t+}I!Z z>9|UZ%Z~gP!vg3X6~>}j&WKYhFeholz#3RiPj_VlMf2%JUkRWzK^~JV1u~k#BQ;2W zwuf;KIN++YUZb;AoM1(A5q2!2$*f>8M`~UjPHF2o1Qpx_a$rl?f?FDBxB*m@P%dhn5;VCM;NX_$;$E#ApK> zMyEl}!cT7haVw%s;($L@nKGK1UlCvC@gAm1 zxv2JxO7s^lhuNA_eJ$Je^Lb$|hAr7PCE0*5BXf1Ue)3|z{trD>{siCePls>TJ0lU0 zP@_qObw6s=c)F(X+Us-jP0yMG#|-f$6uG1mAW_s*G~YFW*r3Vga`yoQDgt^T>d)=H z|0f!4N%(VTX@~(HQ$uV{3`H*>KehrF;1odq(cJ>aWcl|CE&kd+5l@s83Is0B(||f^ zMx5*bKAS^B+c##ZC%$OYSa9#C?1m#PFQ14daw#f&w}xlrX*9x(I|UmCX%IO=|85p;;Uf-2FX6pv09?FIWcUYfsOAG0lUdn;~d~QiXyb;Y>2q%u^@ey|KM3sI7)(!0h;?; zaJfM{JJNom)B!aO&C6s~1O3kjeWdol!1t2=#es$G_f6i-mT}X;xy)*@1AtBpi1G11 z8~7`H&b$8sxjZ-xZfBo&gVjgvu*I5}DPIj`vsB`rsWTfo0vG(F-x2^Uz08O}t@YKT z|L8b6oDLxe3_WI-gUq*hs9v9Kt+uTvSx+^z&k_BBGUQ-lj1_oUX5DjB336Qt;I$kX z5}=*43ZiN3KkNcl9Vkl3`cf%Fkjd*eO>zdnM5S|fDhZF(Q`PcRpOO4P*;;#3Yh$$< z$}wuw4xEU29Kdz$Lt^$=cOa)b3v+veRW|FgPrtJ5UuqLeD%y_2cjwy{ zc8We|HTrlC;*)SW<(YXOz3lyKQOfn$hPv5E(GkR~0jZL^wEffubb_q%I@GU}Q412J z5Voc+7lE5ZXx(mqqv{$eFzRt&JcX(`4l$3RKi~;=?l|=8-`>IeipR8C8tn$R&JAP|4YjBm`rBLmX>X^NDl z%5Ss)Ztz(pU)JvZ?6W`1*Aq(R1;K;~Ksm{^Tg%M~?e9@KGje~u|3{H9fN&l%m^`!` z&00GF(Wjz2ZPE;2B=GQEvG?!Jc3>M8!B#`5rD#Hr0;Itd($cYHKle*U(Tko`hmJ9a znkoY~8*IkLi7e}vuo<7gjrP@xS-TnsNF*iK%Ld%;<4L|Hh^FRW>j1h3rJnmN&Nm)! z05t1roUUSGrP(EJQxw6qE4=Lg2qOnrMOD>Iq@M~UW)Zn0o8nU7J^o1>dW}MTu%xoo zZJiiADpqJ#WL8Z4+0-B?5DbG13uoD`uwXa6k#Q$P?7xvW*|ZGlYwrW6%1t4OOu(O1 zS*uBVx_;-r*!V4|oue96(PRI)RWyG4zaa?|b_;dbpMNeR>V()776+lBPRvZ+IQcQC zUIIs)cAE{Mo#>O?%GW{P09G$61dqVi?6qVNS`gkryTSK#;WG8%&d;s+)0nigZnomk zQygho+4vaYTV>$c<0nS3N+aAhmku7+X%>0H@@N0rEinjL%%8ni>M@m@HZpa@&&RZ+ z{NBHn+t|l|rXpJiJE{c<_7NiYkKfn*IrR_)0AUFo`ls_dzN`>*KDQ|b zZo447t&$@JFu1n(^6k~hF=eUW#_)%Af-kVNH@!-!&={fnh99EOIR73?I9NBrF^sj; zLEZ~dk8KL2)>l^ivN~T*K|qjC2zQwh%GO%Qlhw~1?38Do0kjV8Ad9z{tu1AshrheA zhT@(`)oznGOmMdUj{l8ZGJy@z11kn-W#0Fa9iMdt>+=oBT!_btU@2s>IyyT3Ct1Rs zsTSCBpbb?l_o|Q8*vpWj=bcNNtODz+QRbp2^F66zrGR{gi-)(m!!rkWMPdPPt#TY^ zDsow3d7zIn0SWc7<*M-Q8Xl0ydhPJ+hmINWQ~9KbgK5)oAYXu&>0fmEAIAtC1ObJfZy9SdI2tyTs?{UGh4rDb36m=dV zE`tt0Kgbj-WzV63pdqi&A+aorziSCbhwaVP50pUt>undd)g^&^ zDDV9Upxn^W&~#a6{W~@%_%;k-b&M-Ruq?o>n>n;IH=$hjNL!MJ)&E5&O;KxtBqqBt zc{|)*{)b0};=J=6#HZN(+4E(|OG)!tKttmc4;B# zb)D|!HLR%9T=3BWNCBK~@_M&*Y|&+}rMq&Q`AV^aH2~CVPE2A01P&RPHlrkj^S%o% z`bTX|td9p{=(Aba1Q$;f$as6VOuPL%Z9@n?9|-95s6u0@@gz>_Kegd|1;z@YIFSOsc#sSn}IajIN9m+#(>qn$NFp^@1O3${>2jZF*5 z%g-Mu9T7=!k3+dg6{5ewyKLjooq~yyb z{~l?--LrSn9LfC7e)C7($dFfxHm0-jJ_A_z1`V+~)KA0M}Z!25zQ&vaKEb zSLQ`DfTRm~Y2aeB>P!rD3q_{&{Hx8od;;WhXdYZJ0^T+GBMrm2!vNbhtDf5{IEm=+ zyFE@h-uoo!dHHa2lEoJL))!W@3VdbuPi%hI?ZlR_zmko*g{f(tAiq_-;BEgCLYB_| zIqbubQOR9EoGW)Z9;T_c{Rk9|(i$k(0r%2ez$9yc9|uw)W}U-CPHxIYaHXQ?qH@6i zhQt4eE}XuQ+-1>Yht1t#Q;Nz8)z9$rDh5)u&?O4MRBtFb1#!THQ-5jsI05^KPv z6j9X_pqB#OCI8Sm=npvL{^9v!zpx)-Gt;6CRD*vNtWd4c7rL_S#e5^wk4HTRw`jUB z1l8>}bdcpxfr9?GB2e}97H}yHD3gGc!32kZ-lQ%xO|0;=PyN`Rl`s@D6fy-azP5ZyFdlg}Dako(frH=)XgGGDnfsuoh`o?4zhjumquJ5m2l zuK<_(N})!Szr{xLtu+lMe**6RC*1x2%&rdy@(#L)gC&}&w!s) zqV_ueJxPDM3dsP0?@jZP4B*kz70#_7_yTZ$EwH9xWc6}+Z6M*eKTigi5{LS!#kY87 z?2UhtWys*)gR&`8^RmdMd>%I$?srP~83mLmY2pT6gplSl8GSDQ}eM{n^&$NGZ4FV=c9MW5^{E>^8b${qD6k zr+#2pBk<&N=T9DMRVMLlHkB9VW@a(~g_qSHDr@Wv=>T#N5y6*SGekB*RNi~f-Ooz} zPY=7}J?@(B7y5@2(ThDd5M<5D*jIn`I|Nyo(^> z&~MvAKii&6U|(pGE4+NS^|LBLtwLXKeEg{+`2*k#z6Od)~1+W0df5==JZuy6380&n{cDErzqRA?u+ACg2w6+@F) zzLJt?BvS=Jo85&|G@&BfW(kBhv&Z%=)uF91Ie z4LUER+RV>+l(?WL{RB8(`wP~J>|)dVAy-DNUK315XBj97iRSV%0rbsi8sAe`ZVued}`q|Jq#SJa5&_cyFmh*45VqKY) z)j8SeOE;B9r}U48#tUI#nzTj_INCLKCAu#KZe>J6QZQ0pJ=&3N_Z7<1o(Ku94`%_F zy1_AMA_#0LZql_rm_a? zhWJEUs&AJn-!qzv$OKKu%&d+-vN9Ex{Hpvgpctac{$4YuW}zz1DcYU0E#5_4qkNH8 zGy5mz?zHM>wXg}j`8Jnz&zUL{k<2>zFUBBY=_N+}>6-G=k3YNXmnVt?`()h&&OY%^ zoTNYLQyL7O3FG!O^|P9;&)|^&a4=y+~ATQ;}oxIh6*p0*^p~egn8L(@N2k(z(-mUcWN@eo5BOi}A z_qf}Syqb(tcx<@Ip&KtLry(<5XWCfk&KDLPtrD<#8$49~Zi{pVb>(Iw>f@I+s&x{x z()a1Bb&L=1Y?T_{eZ1|ye`7loA1D<)&=`?odYdXXUM*>&yFR6_KLOv*c@mgtwBxh3 zMUorP!8)xIWQE34@F;Ma&~f)J7YM|hf+R7uQVWeOjc zhVDV zB2>?qj}v`%vqWR@d!p|s0`I?RU+x~x7(T$adEJh+^ocRH{f=Uf>UTGSGrog}WTH1; z4&qGu6wUgCPu}l}4>^#u3Dmaz{*hBR=+^dB(P&}wyFrgYqm+oAz6m87G3Cct2Q2_X#wlDk zT&Go+s?bfRW<^^c-F?!{l{f!LGy45UEl-l4_rd1?iI{%<{$5m2p zwA+oEZGJY0YyN0pIjH+_>y9$*>5)OqNOhDkH?SbIn(ukWY{x>N_(3UMkfmhWCO)J2 z!o)bG7|-irQcv-7PFu65i^@~S51~ZU5_dfVPr1GJzW^d83FGOz`P)1%#_QitnR&eM z9uMS&J;?@7x|_(>h~f&@Z2GWRDKmFx-(J;a@9S}vh`8O>MpC#|{3x|r8_6F^S;)gU zs(79I8I$DQm)gJpEksi}^w31Vw)?7hHeFu3#ahIADKV~AS_9u!a!hyT6<|BFXYo= z#TeAsMU*bp%7x5(eQ~iw?Sh135@c}@mB-o^S#(|IC>LzQy!!({u1IU+R@!0iPFN7S zcxl#OTGdJcuCIaj29%jo@DfZ{3o@!7AID6ovfd|%^zR4x0xh!hPaB&{fPPX#cbVe_ zKrR=f+U-tbrrMPcMB5zj-1-BA!zb@MZNC~U&#kbk>8bnu~}I6 zo9PQb+&$=Rc0`<_?0$dljK`@q%AwarllARdM=_lrxzsr|i9d>UkYRhV(W0GJzm56s z@O%7EwsNj~#&3^*G}5LgKm!L6y$IRK>ujc^Lmurvd9*#H=5$Sdy|uoTC0)myH2Jnt zcrlPM_UVn-%J6&4?fI%YmxEcw0V4hP2W$0vH>O0rT)5jaD_9}nv2Whhm(wv=>s98e zruEp;W-vZ{65T&Nm{ah)*e&IL#w(l6O?EPx5kOB&}ImF;kc!PRnt1 zkSC(z#k)w=n2A>-wzvEEI%=%?)fxol&0cPfN^9wNu**E&uOU%$V%O>FUq^}q6O3_@ z$P*g^ie-@wTYOJKBisSb2mX0kzbv0k7u)pDm5fq&AF>z%ka71oLL*evl2Sn%H-=SY^q8VT#&I&Y^ zko=WVf}EfG`mV`o`H)L5!|rExwBT(AWTwI6i}&da=y|Yp$^5qlkXjleXY za8USGYMNQe+XHieDt>W6)MZ>H(8=oC>^FzTmh8K&9||OW*XrMYy@-7C^&)AC^7)Rr zUt^j6Yrb_FG}MtMkKwnm#R{Uy_5SN<2RXxpf+Ew!t?1BXK} zX4Z#f?2Pp+sIHfrw_j@hZrH#ss1t3vIGE5Y!<;fwRIM>ruS2(<_*{%h_CxBK?F<_l zYIMI0Mj5^N;n=GJI7-*+O5Jx1-?pFBrrBM9WP) z?VsSNLo#X>vGFk-nozVX@$-4goJaKLSpx?y`bL}2dsA$DgQmL5(MQX}GbdVi&N%q< zz1HJR*&y#r8U0E{T-x-XCk@A`j0N2R0fFcQpgWE?3tfGEb5v# z&Bjdl8IRt$$*{@mXL`D{0O@z6a&_0!=Z<(HEtRS{7n%#hNiNK4x@HELDzPJ&1KIl! zbOpK#e%7%KpE}*7Wy@2pr6aO5C`9=n{Yvg^f#m0xWo zx}SC|uoxHk?DgG0WArnG#Xpf!^c+ApRwJk`Bv~V0aFD*FdhV$*(7W-CRF+Nak<&20 z$2NK5!BZ6^jSr823%F)k$H8_n45FW$Z5*Yg2fvn7&O#d(bG=Yoi3YE`r4*&79t|f~ z_kjmjn_?Rukxji;*ZZ zeF4x+?PDj*JkmVEn@gI2@rmnAgi;%wXZEZyN|d=`>(&|-D4JU=zuk#Q$q!DLy%(SJ z<&+A#Zlts7*2?1kGS+B)YgPwb&T%ImS=e+YDv{rKNi^4cVZC>4dwjOSYiUx8NjWOF zPbDB7_6bWQtx!Y4W7294Ui#z?<|icFy!6CzrqrpQy?hH$RwdJ|r4Lz0u2igN?Rq-6 zt2817%I9O>(ayaJZJ#O@s@|og$^|ZsXMA9$H#w45ZpX7Y0cDOWiV8G zjB?g4mjtV=mDjGc3|7QHXl%w{#d#rPsun~Z=u`>O5S-4bd>m+oOkjrY)zrV+#muSD z{6y57Usa;~=eYdGX^v!2J}f+V0s&X$$@|l!oWT7lb#vxuvAQ<`{vkK#Pf-ZE|BX;yt=mUC&>t~G64e4ji2TKkl>NPWkl-Vr2>BIaS` zsdRD0Xnq z9j^byE6IsLHgFN~xE}Mbj@OLm7G|uWc({CWnl_`QZv>XV^COgu1sc*x20L$sM_sp= zBT6wB(Xz_)D03~=+VW{+HZyBW1wRuBMn7L?k#T|qZ7XA!a>%FA4r$n`Xnr!$`X-D{ z6Yi=RNYnFdZ`N6v!0w!G0FBuu@~XypgqrR~#~(j$2RW;FlvSJgDfvnox+QN571I7z z4k4m9%qsYBFWxnD?={BVjKP3PFO_x_=35u3Eg$z5m!KP6@R|y}uDZ+y>!l|hWcTA| ze_Xz{653c|`!FZjYV5i9)gwq+Q+lmBWI>2N|!Wbj9OvsN>m z+`GO5{bWL@&#Rc<6|($nq$6EtN1E*q456Fm+*h4Ave}xUpR^60}_s#e#O(}GJr-o=vM~n#NxvJjR9Nb@BGmIDeu#j*UebLF$K$&qyOFQyCFL`*) zlDV0c0oG0{)nK+F*{b#!(of^ErVeFh^)|)BE{zY5N_qo1d|r5~g~d|yDr%eAW1(E( zsWvS8lyGd#y*3XATzuPBP-52FPa~u8U#Biy9GVz8__yQC3 z4H;8MDE?6Y@l{`>fmB037-WBX=v(==G?OhMrfH3ey)PIK_nh{|ZC|)(P3h^d`%m_r z_4%XvvXBl6oQ{a@=N^tx6}q>TN9sRjn`!%|Qw*}GDSj>5t?p1PMS~88FD}s+s$O?{ zN?!*Y5kxq!etp`e54i?(L8_5Hb}!IS7@p=v(IqBwnlrW--quqks@wI{JRyfA<+HdY zq@fIyvz-pfytZ@BAKl9qO3dODNqvO8mfdoFZZXc*CbU?!uk1}`%}QS` z=+%ayrZXX$t%CMTmhbhsw|$Fs%UJ{x(o&rLFJng>LY>HyrzEtLVL=`k$wQ|X=Hf?h zS$xI{>Y;P zzXXvo2;Vd{G(^Vp0M$`CAUXViq{Ti)hzDiL?{ziSoDA)_ZOl>5?-$Y$B+N}whGXM9 zPf}qi}(Xl1@@FF zl}ndvw^I-bY9^+VMQ{EO?|nFs!v1`XK)vsv(EU-2cD*MRs~IgAQ${|XuCLQ>xq9b=?x21x>|rR& z+Ie3y+L~>Y7>7hEyuJWM-B~z{y+@PIL1*L#=|@Qz6=t^HWw4_&`>#B0+}*}Lkri6g z)kl*f6>-kb$qXoH(J#`zOzAf41ovpCBdGf``QpWbQVgFTJ`N=-kJachO+7Nxd6J2^ zns7TJB7)GUqL(C&`^-hk&^wlIF|#;f!z-s{bQZ=gRr70nC3PVowm);)Y}Iv#s7%Td z8F(N~ne5m5hby9pA0Swjl@1K@S)~y-fQ}=Xu2QWC#i&=b1~4pTNu#eHY)P^F)0`>O zcw}E;?y%IBXM?^rVC_4VytpV>xr|2!(W6f(s~cH$Dxr+gd%W^9Z4%}@QN%5EwEUp> zDGHqrEw`k8??8*cA4#yfeYi ziMu$7tS8AGha5F{>liKD9wLCDtL~B4RZPRIY2o3BUYGg8;0N2lDoR%>%{pE zuL1WE!ccp^!(iMxHD(48ew7fcttSVodPZ4SgaXvc!2&IL@S|MbQrE_s7Ku-^i93(?^oA0(~=L_bQXK^J5vd)|ww7ZtDs1xokS( zydXHcw@j0m5$EG8M|t}D{!_m7k8j~e(ORjUVXLSnMsyt+N#HS2R_T_LUqtS-zD|qC zfoI&Yp0<$$wf8@fTbQ#I&D}n~K}}HW*KWGnMWFs#6;S`ORzfKBS!S=7%Sw;7X=@4X zDraWdE7qdO$XGudrL6c}DJ2!QNqylZ6>v3{WVc zlv<{2lLJ9KOG-^8x=ip2!;+tl?|Ckh3RzpfX+IH%L1D>x`%TQjOBt%-1U*+glWs@* z@7w2%&M7~Fqt{YH-`E6s6PFD0|~Q(bU!OBU%`__iuZjbj(s zk8JY{vh1`5+SrLWXq&csBqwK4GZeXDn-g98j$jN9EM#wXllyl)*#k;svL{?UP@FsU zFK%p_8a#O!1-z6?Xz`*hVx(MoUwS(~y}_+AnH~)eO-70QSO;-@$xcI07&gV&;Fptd zf{YgSxT$zlr^q0yd{)Hb=wlumza#l*vnX$8>e(p9Ing$wjXu zyFw2T%W${Q-#ns~_wB{g54`IxRd}D>F=2cp;(Om>+<#<@sH-W{^>DqUAA2DG5%X9` zhs#|(y6H8?5^8VebF?d|9eG@k#_=ov5%P(;3FGLrR{mszZeyfPNTOKaFX2VRV>-M` zRd$u~s+d}lqXB+P-B4noPgy!71|gCMl3F<%QulGG8zB7Ei8ybwYRF)_e7_pXmxIMJ zq0&HsVmaC+RUeU2_WG#c1L0Lm*RI=**QQrAu%2Mz-s&27@=8*wqj&m~N$LrDCr{h` z_U44{D$54+S=+{L@uvs&-(BFW2g5D`Dm48Wi#}BuUDJeo zO}`piV@X}`I~?%#*e^!oK1)M26K$tFMjQUsxH8-oCWygCse(Ncz=iu;MeT8d1?xScuWg1JMYNJ9R~WCB&(uT{@Wu1Uz3pX(N;9oBPmL9y7tQf{Jg@&f|B`K6sK^L zm660@O#i`1nSJdHXJs^>cud2ON}UR}*t&!v9W>$S*9Q+bkJ7>tt8cK##e1`0O(4?8 ze3df>-aGV$^9m>(=?F{yXfM#p9CV+G1b6Ba(JYQ5mO4dCU7tBVL6uEFaW$$tYimKT z@iKo$`n)vD`{1jTnxk&D_o}UH%1|bGLQ!Rdu=}fw5w0ZP-uUd5qHvbQ_mkFNioCj4 z9p+x=vU~-|ypZ*IMIh3&`8anChjl4mg$`zONp~ zObZ9BuROcjqcWKEGNUhgt9<=%9dnV0@NLFi>dIpI)~42(GJeON9s8DKdbfn#`=Vb? zm0`%*-uE+Xgv8LZXVmKlT@eK&(BR>Sm*e<-hOBNz6N&qP>>@-NEl0pv&{#$2sGr{l z#Y$50VqL+3iQ?&7f58(8fmQ@Ser#;5-1tOibLUyNegQ@1EqZ=^iJ;r6S+V#jsDS-& zP0#k6vL)=@6fu$g%1>&Qyf*oN@L1t>0qT; zDaA@6jH;RGMLqm7`hy}mC`oiHa|}IhK=qY0kmzNjbr4p>=sh}f9o9_M>gm;_%Fygs z019HTD|H`_WKE?Hh2^w`4KlAb+}lz;920p&m%zfLwcp%b+*)Sm(cNN0ZetvrCoQ7Pnvm;ryObTI49 zlqc_3Q**|#*o4(^x~9D__XvQjd3U%*ORpyc0e&g>f(G7KO`Aw zakK{+R(9=qUH<*2(}bi`6|7(rLy|%?$^RZE%8ZAxZv77O1@6M+AtEhr;2*(^j3=^($ z(~2XiLImEKOie{fljKwoMl9@q7IsTmcsaGkVSU^}VutQURA|`Gbj73_B(3fEKCxcL z%Zh{>)BgR(5ahOs5{K+_T0`)>8MD5IMMGtEsURVA4*ksYJV_r8I^`q7^_px;C>D~` zjGgo6zrUlgKpurF-lLE=%Mm1R4_x$q`18N0HNyk29vOys0f&#C@Fogi@j%%}7nLh; z)66Ls?}Qoqm==qF`rF%b4=jEr!WHF5|MH~#;HQ7WJHK6a?A$L8OklmeLDG$q|9Sa+ zbpNdvmEXeg9MH6zscfnA21_9(G*4!nsRWSRKYZyiiAU_D&5-AmiF9q-vVD*IKCkK+@7G%ZfJwd~Qjc&_ymB-xEQod;k~6HBGmvTOzH8 z>DHz3lt7-Y!}!HTnH0Ei(RK37xeIF1wRhiPb+uzK?L@@uqe~WLA&aN{BVk0#9^H;- zT;(5r^BBfNTL&`nJmhSBWQC(_<2$ACw_pXFkl>1)Me>lu5}!Su_s)lNH6SW2FZu4! znva&2o}`aXx*_K&Q>_>RhCsm)u<^CvnC0h;U>RS}V1eg39bfCn4kQk-@ijlacjse# zjjyz--J93=3cZ7wN@+1|6S9c%k?KxBeJBAFJ5CZyx^Obd z_!JDz%!w}3$;pQGCL5hmny}^A#Hl15@yuvd4Eh#$#ldcup%CYI0svC zY*;=OAI4{4e54Ktu1R7kH91XVYS7i812PfyLU7fUutcejEN+odR+%=L=df;OZeyD9 z<_LPq)V8NFnO?eb0|+NGefNB(s9ZE|)Ij@%iU$QXgJiGUxKkAm9?N%%&*x=W(ol)# z^Xb}-bjBnbfGtx)b2HTnzDN4sZAwO#W|bll$LsMrbQ$C`!i+Vno5~UutvyhrSa>bE z1*J;5tlfBf-8^PH$SB^2OQmsHICv^JBry299#-Y~%!X>=Jyu{Ub-V+#&|@~WAAa`< z&GbdADf_-cfOKX>qe~XE0BNUb$3gLhtn7sCj3>jCnrTol^J}fex?*Fa)NS=^)WNjk zj8{h4cLi=SbQ7iQW2Pd;A*vW1?S78<)P#c&96q?O1}Y|bu9lV_9mOV=MB#YAOis+C zv;r1pweakcv?i&^K>oYYR%Q)k(B(9^w4Db@6AfI62QA@fJ$DaW6yxFg%Xo45#gq3+ z`OicJe73iMWMW!xx+F8T{C!xsV7wW+5?2DLPSTX_dW`48HZ#!x35ww$+FG@2f^3U3 zl&tl{u%s~cY(q(YC$5ao!_1H*lDSqvi(k4&9!H<*0}A;Qj*XN}BvVd7PVrr$u%TSy zJ9p&hDJ9CYH@oB?h)Fl z2dcEVl=DzO|Ri zR*$aj5frtrtlzv-E?>NYI6X}@t4+`DouqT8ROohnU1SAQVHSJHo{Q=S%XCfVaqRjhh88V~ncN1xBZB8PFbyERl zaRdilEEwa0#1UgFtU#J*9yfl>y_%_w$1&p#C&0;AZ9fl!?ZNwp%R>`KLK#a(KwxAY zgH;GE!Q6p3abpglrx>6Jr+Q%Rs=cLSn`Bjrs!>PWSfg zZ`@8r1i7l6U5Ygcg)UH{8zJ~Ql^I^Q2^8aQcyG2K{W~*2(N%(HJ9YB{x7_pcs++2i zhoa-rUbdBe-W0L5x^-!<#1HEYnUa0m^q*!1yovV>Q6-TLMjSJ&cjw)3Cc~p3fkZPT}#iY9#U8txG#4d$^DN-vU;uoS!hD zIma+Z);aQz*Yc9F*_C^5_kJHe+sngg!Pgw`VOQKIzvq0fop#!%Az%pPKp^{FFOKn* zZ?RK6$2$_YHog|)_zFvM8(*C#v1p$*z7`F?oM#*H;~)ZA$xKodjue)R5y90vk_Fu{ z$zm*tx$iF1l~THlFtsRZ3WdMTUQgJza>?AUIEzyiO?U0#+*+J+^^W}mSSiRe(u~O(R zz!b+!f6kz)AI|tvl?qPwoK-t2(Q&aARY`E_3)Ckkg^>vA%9sVb7g{mVb>?+sJYzeV zrkLjNG`%C)^%umSAeqGpCR5cjBMB$1jGx5R!Yo|vXCQ47Fm!Wp6dSHycWB#ESI3?E zVSP;+H&izit_CoD@;_evSQ<5`t=M0LMbREugs@*uVpX;pR<<)?mBkEDw5VeF02oGB zsGt*en!Yn|EYtHkq!0U&?q-~bb7j7)7h+Cpi^hnZv}f-DwOk1jTx$#(tXf?o*;CSH5L&`@8oM~kP)tWST`*PV_?bT)a}|6n17iSsTl(M z(lQZ_fl68vE4n^brK|yo&2fZrR4&4Osu9R-rm82F%nX@@fMO)S{`uM`DzBI!kN0*6 z{X)DPnNFgJ0nAB)5*HRen=P6*fpy{q&4h?(Xc{w)Bp#1tRzte|P?mCGpds9W*bfY# zO+tuQIf!;L&JYz9x&+aBPpwq&+mXB6N4ZxQ{lc-ZEEhh%bZH$sY9K6E_hP~4l#VC< z!vuYfe&;*Z0q-O+_bjooF>p!mCXE}`Q>#`!NB)$(d}kX%w#IjErvbprdVhOjZ{H08 zUkDWE_{s%OXNN11FPC}^*|s| zC`lBwoEXu)glSJ*ggaCyOw^oxYzXVjMAnSfu;7_6ewexu5q+kX{_x|uav4ew>*i#h z?O`39Wpv-VP$q$_9RW}I_hhXA0Syyjl`WT2+US_n) z+4HQs8r;@$u9CCu`6+Dc8IU`UQq14SL1KOJZq=<`aD{9Ll&3drEHd~e;)MRpymj@DcZ(#%i47W5^R9R{4{ zvz1qg#5-3L@q==<%{hMSmW|S{Uq9z(Kt6rSKHSTBSnu$;XCaoK&YZ77ULD!TXP@60 znEo0F2fUO@-qKZsa*49=8Z1Pp`13uYyt+v%D~*7TjzDKP`&b9xuj}YLW=Xtn+)%Yv zAV#!$`S9Z})Cb$KOr)G3iO5MS)B0=FB-?gLFToZgW~U z`o|$d9XaQgiL4|0-Q_2*!)Jg+xAW!lsGIGeYgk8QPNT(8ZbSevuV1^mp05`Qp?`?U zdBh{53%6(Cc8J|*5UOeOL5R9+2^c}SE6&B$(zWU>_FV<_=_?kQ1 z{u*BkH_OevO{ID(6@>u^(#(kyV}qnYp=C)=PeXRDG)&}>ZWX7SG8ZCrcjtq9UV^X0HYG}d!rEs8f*chwjjB(&O&E|@Dix!P#T=~Ij(W9i319-uz$@OTizE*_w6ysiy zc(UR`z)=_-rLj11VfRuYaw$dG&wg<>pp@3dccnjMABlv$35SsZ%|%{hz`ct-OeC>EUcSEkh}0Wr=V`enc^Qy1z2*nXx3O`q#f4|E*F#JKx#G=dh{O(+o1D)R>vpV6_}$;dwc1W% z$z_@5@9US;^@tS%(~cT30I^-#YCJ1{w}mU6H4%KfCSvihKBw>a*}7FTjnQ)&E}Z@* z3{~!ebYk#tTICgI-|^n)TH6D$*_`|JH?Ab0S#ruh{$?yJ20RZ~-B4(F?Lb}M-&hsL z^{C|0eK-u3aDgbqnzD~FFemPuM^OIpFHrK2mc}`swLsjbUDFTz?kkuaMPwo#wi}*QPT6BNdi%YuE3U!-!MDVBG#LjAhZPc~fcG zvay%DA{8CRra6JwP>d0C6~VjndM*mnCJs1^;n4*#E@~sYoIkH!nD+Sl9NrH};dTg` z91z)u22&2?CWE-GdbO$`g{t}cwp`bv?8E()gu;3!w-|ri?47P3==%-y_5FcQabANm zh;iVyBgPNixBb3=gX>p@dtE!kIBN>)IcA0PEObXdeDs7`?a@8lpNk!oe{~@D7{HqE zX{gCRPaN&LA>eNWY<%@MqOR-RY5em?jd!|!pvS*JU*8}26z4T;eDxpN-ZKaPUANR; zi2~Z?DpLHnz!x3=hg{(cOBXs$9{pXYOy;)w>D1$_g0c<%F6^(|V$Jxwp3-tXW|#Z? zi*Mu@(h`#Za^i{LmC};43v%18hw>kES8hGVXNZA^&tJR*x5dr~h#RffPEo>X8-nTX z*4RVNpy|FIFX?eXr|z8fINLps)e3On5hzthj-8a@L;Go_xlmJnO!m2Y+TZ`u0)x-( z?ax%vYT~m>E3`XVG0}yYagcI-nTk-o>sjG=6@mj+A#maN!XyFn7cSGRf^@SEg#6>P zL~^IsUGdT#Sq$mo$3hp#)oV8+iNSu2z2)?aBhT_H=bYnndsZF!H){9*P1+D@@~;rx zZl@Rm`9{FT*L*`&paX4uEf8F#@?aZZ{o8Fu{N%us6LgXkfglPf_;12ZB)34AY(}62 z7_VJY6Lq>GFvbK^e4jz8Z+}_;C^vv>(}y`88Gx8+Dd$9#eaMvT+mX$N6Jzf8(ESNZ zp$ngrMvdyJg#_aa<*d8V7cQkIQc)nz`}ZGl;S9F}{>T1~V4!aNrkeoq=XWZrbpPRZ zT^Yx5EMW*<#s6H-D~`v78Bp7^-;$8FcrP+J)rD&$1Eur5VJs8YpLqGIUX%U9SSP$5 z1Auv;au8J&sF(K9O z#2|38&t-AQIBBk)c2ISFx`<)AsCaMp$1grh?EgCvB>t!;uWRhtb3hXCUNCl>%B{Q( zEZ}x#p=A7l)-9Xd7H5a=4N0N(8+PHDJ*&^NKcIEVUB*qSAe}n4)=W<&wNO$(xB_-K zpIH*!Tet2(jK0&5C6rm%2u_T6MMZ@3tMfa{hPh@fzibSTUU$LE!q z40%1L@L9fufatsS>{sjH#u$V6Y$qT#*KS%m!s>^0JM}P00%LS>&cW;D+)kOyHn{6R zRVx3qO}ERxi>Q+ z;>QEi3@CxSF`-(%a)Vq>O!C-M^sk({Rf>z1yYKEI@ra{AvcR)&;<#q*7TLIYrv_B@ z+*j1^R03$G&7jhZc~jV|T?K6i>t*`$FBdFD!0f{Tsh5-99a!a@G;zdjL6(oeGURh) zwn;=^>O{PtH{j#=4d|=GM^DPo!F@D6y^q5~d^cCT&$x*Yk}eGBdlyo2-+fnS4JdvF z>7{3U{xvLeuFBAR@0N}oTBz#+Qy+h`WUcmJue&;_-!=(SzJqJmBj7pQx00`=di0@- zOk|2_5=&h4zIf>}j!$$S!%0?)<_)D^-|mQCQ$wwQ)~w&InKj}&wUR!_ZdVZ*kly z;GIqM>upi?Rg8(2u3g$oPdp369r~-gkPunBZilQ!3U()Ow0ma}zfcA-h522Gv(vqM zM~R9oUXqq6+?TIhugY{0Zzb2$w`|)ZeS3G)!~~RuEWBs-=ch9lAYHqQh|TrnB5Xtz zvKa&bv!um$YExpQS`lu+kEfQ?fX?SGTy$TP@-GI@{Ln#n!!@g!5-x|1oRH6Ef1|Pf z1`p^dZCW)^@?^)Z{jzlBMr259DV>ldjdKH%L8s4Nko6n4%gHkrykrom8K!IJxJKfK zWDqSNuYeGDh#k6twQtWv5?vuzE6YV>@mmF1#>5qOb?YEKdvwx_eRN6t>YG(?QM)XY z9~gna>s9r7N!OBb>`@K6o{^sECI8Nxy{Pva9bLgK@7*_UUkm|5;5Gzoe7y}4zihDa z)h{px`9*Ae^>+t_{|d$57Y&B%9X)y!!IJCc-4rMunutkVdlhtcB%lb{*-Dxa+U8A7;StlpJTy^H^Hz&R< zB+?cxT8VVVr`3v~px4dM@mwWky5uUzpu^yO?p0HdlSzI=(;~=YTPS=b?sV;Pg7NY< z-3-p1zku6wS@e)xdG_)9H5e)Tg9;+amln+$%G9SPsuF$)#d!6>=1xN|h?g#QTQ8 z9ioF=K-%Tn$Uqbo6(K2j2Y>M5V^RTqavBN@ttGBP$vJZ5luQ8eQwQm%+5Xlo8c7eh zQZ#8;S5|4yvms~r=)S?#(C}b%XXi#548{n$A6vV z+1mA6WcIuz`rZUW_VHOc1Q!*ifNuy)9pansE!_iGuHNi^miz)j_C+X*D0k@|LwUrM z?(V+KQBe#OS@vIHitByIl#J|5Vyt5~EPdwAU*dALD$GUmaSk(=C0`Puf0{IQWwYe_n}B)6arA{gzj)@WBXi!9 zkBmhoy@r~0zCnYU*ayoaocrBrlXZ-~bSX)*vYkAARxX@Rl!vf*Lb(|h7OtcerFt8UwF2>1hmf{w2ogVwAo#_<)pg^jQN z=xJDK+W6`pAPaaE8(#xEzM92P_5;aP=k*(R=mgEN4uQ2bR=Q{gO=W=Ti80Be*)Ib7JP4qZ2di<~9~*yYsyqW?q}O?3Qj&NUKM=(tsa0bR4cKM`5{e%dLbfhCG)O zE-GkF9WM73mn)j*q+WR(D#a+d)y;b#p|xtwCaGV)wwh`?1dX2L=YNO;C&N_6IT`dU z(U>rD(#ZN#a7=n?1_D)*bc%-360WPA$q3YY9cJjUvC*0#h34lsvu;3nyRHhH=k?0t zoXwkeYg%Xr!!#(Gd-oiaaO`smG2kj?B!~s}WolZQu8cEI0+n^{XWDlviZ`+1S}`uh ztt65d%*4LT^y}L9&Nag^Nj`M=gmjH>kBPOn6_;~NS^MOB!+s!n!~UK3)pE6*sfOQ4 zSCgf4yOv7ge2MK#mTy4+y0QZe8PH2z@@9Pgm2AX2(!6OydG4tRLWOB7+_*NPk6rKL zoe?DgSG95_kULSbboqMubk^6}ca^JD#z4Yy+9HC_u313fn#XE7~P1#3zbnD)@ zz2LG>WFK7gy1?R*L27XU5O&9PTW*AlyAB*j$>zvDw$mjOZ?(xScX2GWThII8cM?py zU|G?maRXRZv{JX5TX*CCZ)`h>A8#i`7h%Z^i`>uP=OjdlBbDVySR+ZfES1xgL6IOT zDJLoWFajunN&=0FzEgN_mo6sCfdfaSEi6lz@rm!=&Yk;R?uyQV_*4=a^$;swhw_<4 z>qcE1H%P9sT@h5^vx!Y6B;a*S+sbK z5=0!^q9UVo+@)Mxv}6tD2UX<$vG+<}SPTst+*=kbTp6wSPa)GTf z79(wZwehtm&uy@tYvXItd&Y>LYz#S}y_|SOtq{104;LriO&itISR$MhAAo{?`pkKW zjf+NRp~g}fiY#NtP&Tg(EL3X z?lW91egBhr8pq|~2S&mQqo!iQxCkc@uVNLfhz>#7a0(Tp^o%s;r+%{TbPzQ$*~Aaq z!C;u2#Kxfx(sCHPoZh^VC8y4uQ{{Zvpx%o29z5HL zblZZ0Nu`t)3tX`}0Mc;Ts?E|H?q7^4;VAdM;Gklh2zRn%yf*{x>8=(%tJiJQ*ccb_ zUNE-L@Iig>J|!aqSc0~JtJqXz*{^g5;<+THy1_lEdzTI}YxcLksx8I)A^YHxN!(c| z`yybe*0^CE1aYm!#~+I8NqzTd5!e*&xZwZ*KmbWZK~x&DuPWpmV|N`qbV4rS+iB7=3a@0&JpSu^mx+YeIwJQQLQ zi7jBUQyFC4CCJtT2aYLm(ij#*HENJVFDE37FCqpCWus?NnS3=xE+XqvZkBnT$NJ+t zU|qp%aUy&l-hOWuGAOl?F(U@J z$rh5P>o@I?&4?xAd2L#q(DIJYuT#=NFtAPsdy?(a$ zK2!NAoU2gIW#AbYHT)hW^XL-Dc?Vs-NIZ^0pVMM#FP^oOlytmvF6$kpq9;MftcXjN zZF z6dPZ?K{VpW6Aw(3ox(|QPx!(=jukf+uA=STcUb=W@9$tT)nD!#bFT_>norY3V&US| zGU@(dI;kf?L(=F9l#>rW`BJtbu(79~{0)o*91NVItEkz(Ia#L#%BUfIWyG+)l9rwh z)9P6H7_MN;5eMKqQy&&uLeM>hCN|N!;NSLIG40{lrU5E5F%vjrxyUw*w(-2j@xT)j%wO7aK@9$J2^TDw&zx{L`zLZ<`L zOLL;Se$!4(ci*pfSLuSFqJR76`%3;e7CyPniV@dWi(-m?8b4~FDmp7b95n$+*BJ3! zn4~O4ZY$CnfAH}}x(pzKe@sShRGVK2sw>G%~Km0>rXlo8JCljw;|&p1dE= z&~dmLEtV4}&bk$By*~PuRwcB^AW;;KcaqOhs1{FUo_)}zQ)_iqp>-Ss%+f0HkAHnr zhTYp+9zrY-l078Jz6Ck<*{p>!3K$OpaZ7R{0`WzN+s8BJ%i7JmyyKHl_OXxg%D}iq zNd=XE*}zf;kc55ek#TYzvML%ugug+YoLO@g$up1Nrvx!wo9K@6+3c^?N|WuOg3Y?= z!gmP@?z6kLc*rpZXr_x{Pgr|=y=av# z8q|WD59L{H$fowN;@J$PJslPyO&Zme-pFM4${RCeF)iiX@&|X5Lj>g{NonOta%tU$ z?YbaQ3nU%gvmTu^TI$rPj=ERl6T#9E1CFH{tWzkb>4L}pq}54J^vi$!Wje^AV_xq{ zehCS^a2ffB1n69lJtR5rf&1#ue*7#JEVc@jft48JXnEQb^6&dEK8j~}r_5cj3|-Dn z%$70yj{o_danXX7Uz(jQpZM_|prz%Ifp^P86NXD)xR=exm`hUeJ;>z#h<*0rbCV!@ z52HDV3r)SLkT4G>*Lu-TYzVN90^7~NX-tyOzgUFT*X@WaQ%fg?REoLE$3SOvks+Be29x|3r#vjb z|L-^C99FpS1x;O8{=@-SS`zF>W+qzO(4~N@ z{_4^J#qHqXWAe|}KLLRiCjDW0{tV*AP?6{Aw43<3L))on(xQVa>$D;vQFj#+O!VD+c& zPq-fAnb1;Z`Kpb0_f|so)l{o467N}P7yFuuEs3AeBl@ZA`|Y1zmqQ?|9DT2AofpX5HEDIp=_b`)FR05op?Se?@6k$y;S_^ma}oo9wF)cqknl)#*G@F zWLQ{O{)TT73e`cbv##YJa+YBMAr7)Ixl_TlYf#^w)8NF_9MFIsF9V92YZ2 zVsVGD&}hj@lGQ0$u#7Ah;UfP?yrqDE;oKlU?-8Fhx+Y^%3{7J zTX!VLFu1W&{`T+F4e#jMTk;PAn3kE5khRfRbU6tNO=jaOhjxUz{B!WPPeULO2-x@< z2vjky`*VDSi$52eY3w23bJ1V?wtOE64A^+NTx*+IDQ; zLhnOQEWv+tG72mhN2yAcShZXl4+|Pv6EHaQE=)+7)#N1vp6u48ohp;g>O5EXNeq#^ z+J^gM`~wZ@%T>sH+!KWaUGdm2y?S((|Igle09JKe>HmNbNJ#W1dK0}DQ%y10#<<(K z#*Q7A#Bny+O|sb}>)n4g$!4A6^s;f*PU6IlZE!ERH>yqVz4t0WfKWs5|9ArjK+(UEGRK<)Q)u4uG_$GU@c} z)=9xk56P8bz5=4|D~$V;=yWf1k z<_Qe=;Ny8NZV3w~7R$~hMT_kNGA@ZV!orFG#4g^=IV20qh4>Wj2)wyn6m5VISPHm$ zZB*tW7$_68OUDj43%d8^&JwsYu;9bUs#Q=+VALiDI^iy$6V6d(3=NRy&^r)O`B6H`UG?irtMq z0keQMOpp&5?c_^w37i3Da92za;MvQDUD8kOeOO>+s$)1T7gLVoxRl_=1w(_ZXfW8w z)J5vyJ8!$%xiXT0jz!XfMT=cb68cZE64p7wKDseT<|s1iI7W!>(MIePQnq(iaNpZ* zy3%FzBKR|mvkwJ60UR(nOqRehIyE8Pb}h`1%ByKduR=7jf*b3Q`MPT<|PZrg4D`{Y!EH3j=@@SvXdSW;Pf z@6n3;f?nz^W+(251!7%RL7aqd{l_otBkh!J7d4yUw15aKwqAbYjH}3*Tgb6Wi#3ds zfW1=mT^S!xV1Ns==8DauIwmXD53vB)!Ta8$|LfAeuhp*l70XNFSiE?d6Nh>0{xEEPR3j?iRia4G_mzqreQ= zDz~HAO2bYt@!A6F77C=GeR)Q*xnX2c*9;jw)P3~$aeGg|E`}Fl^@Qr%t03O%WT-KI z0aYm&Ts#N$*VKXzS}(WD-zbjOrDDcSmWy8dc5O7~HVX(_CXoA}11@lRt*1b+uzQes zP!NqARb2ZN6y!UZ1>c?PH%v#|wus?{D;`;ezNz%IKm6IB-;DQM>CvijYc2jb!Cz!_f*rbDEKT0=UIkAcA>F=4{gOc9=){rw`xXI{ zu$Kt@8nUa(vCnWh&e7QRrMLv>Z|ETUJ(_~}doT)d&n9yq?p|v* zY*AZpahbh{_XN1IO99XUH;HpbyTWXQX$KSRuvk8@TlY&3<%tE!xTMhC(RI}6ihenr zgkI7=^xC=&TgBF@>s*-$&JBPKAPUe9tE;h?b7UNQS2}sQ`Xc?~b;TJ1h+-{qTrmUz z1lNh_%-naj{wu6I^aTE=mw=Z*gc68&ewF(>de_gdkqNfC%&#P=xj|tex)aOP&##d+ z-Z{?l^XoYTbe>;(;HON1DX?o!zT#HwQOurqWqcmAFF$abHP_;IlNMtzLV}E4WR<}c zi4~dFOwI_xRid5f+|3lTVucpfxC#Y^X_-|Pet|E4mKI(t1~FjS0fdc0whgj%%#uO7 zL-7{~j7#>LZ98_k#UPjC+CWAZSV8Rcv6Dz(>Z&dnE@a~wF4qs@3v5>09@sYotZXf6 z{T^aJd`>K{9A&wIiA1npU&1AD z+FG}1CAXC|&h$A|I|RM}sKL%6MiyfLAP8fISQk#tI*x&hyAUyfIG=WB9Ko={hyi#D zj2>zPn85{w9cc^_SU~_eWPQSIkYnto1N`6;L_6Z1$(ZEcJ2iGfjEPXzxq^Iwi?Y^W z_5=nF&&fZ4h~QXIcQd(>MG82EOXx!RjJ)%dsSa?Pz^{9x`~F$X!xmyM5FD1V$1&U< z85hKhp$+&)+c1VYXsp3DTp>^`Ut>4Y!dS}|xUgBVxOS;899N&X<)$l~kxZ7b#R6?{ z9sGjWg5A?Q$mL0Km#AA6pks)I0+`ZNW1HAu7~|EUz<}%5yPGBHd0`p?{=g~)OukCY zv_)c5af|@YJTv|C)G1|pQrFCt&PkF1Fi8L$KpX*@_0q*(tDHaSzXXK_uwI~gcFFCB zG1powxJd%g=4*^>-m=RMi=E23L4QA`;M&AnOBFzItpIvr-c1!VllBcSC8`ep>LU3Z z%7O<&XOsFZZH?Xn$YZ?Vip?Cvh7NrdP!C`Rch&;+S+YX%d)2y40*AIbedWdy-vPj> z4-{hBPM!ccxc;I4DD)SYMZ~8I0pztEs}}cKVxqAyLH7mvkA6no)WOCOdXDmmz(=QN z)u60F0Q|y1Z_Z(Sw~+f9S^v1+7cT)Xf%B7qpI^^UUXh$#o#xlwS{wQKHIi0~^c+9G zMk=XD&-2!6DUxC#1p9zAe1JS_lvZ_+T#_g-Y<~3rzG}}rKiw_92oAhMMyy-ZX@SKK zI4%Zh0x9mf;~IfSd2*Xr?iNx6hNiHWT71cL<}Y?yhbqR+h+zXA&HA7y-oyg{&>5#i ze;XOsZ)#_*r52gEuaKsdK#rI<^|b@uK_C>26=K$G)Nb8sxqO9;Txu>Xr{iY~1>g;f zRp{>%w2Oa_ST)(%*)IJ&abC74vl5`%!}^EpagBTOsh5YhSwm7AGrQLP(8_JI|fBT;)JC7RhX?!T=(j zcYzkm|NQV>?mO;FEQS~48b*NVVs*Pa1~p%tzp(*`(X?6ah{OZIV0FwN85V$clmNU5 z3=UB;ijLD>w3Ca;60$>zjGf>*PUajypB~yt?65&Rx-fI^&_RszMkh-G!po!2;{^JB65PO8mVn4PPz zASSj5S+3?Ugq^ZQ@obvA%Wx08QZYwx*Q}#9Pgflo0`~~|&BLH~)1-Gt4)5=nkO1V1 z7O&QL4(VKOf|fm91-g&A>8Cxqb#frqm+reopuEEL>KK5}HIv5)RG#br9vFoLB%d*7 zk+MMz76YS^eed5Nb_+?)Cq?)x3icfSUW^@#|1-0QM8d&By#yO%u;!F;qlY?X2QH0l zT9C$lnfxqP*4lV-pF#UpOaF^8ZpKN4sK7!Y2>GYS9mqWg^Q zBM#C)^-%(1@0MF45)pKwHbqvn3~Zc`Xc%L;+EfZw0q7XcN3JIUp(#3-V@|SXy0B{t zk|Fe!u4OIYPF24kp4uJ-VFpx!9YlXapAj#MQl!W9uqEquC+G*piqqTf{Ls;&>k9Q> z+t#g|t1j>Bil1ta^;&##fm>3q)ez)zU8 zLc3!esO5IES=@Y80XI=97@RPFa<$vpN`WyS`=4(*!*BPVefEjiBF7X&5ddb0c13@t z?+C^SvjO)Om^)|gt-!Z3g2I&+F)#`-3e~J2sWPzA^+7j-a@Y{pznS(Bkd4 zOm;42JkN3kKAkDUihHqhH$^++Hz{!FLAf&#H1e%?XV?i*xWip!*r^K^b78L@^^X|E z1X#szA%HUPk0D8hv~d(P!6HptB;%Vi1b*rAPk7qSBpBo@ZURK+$T`wa!) zg$zqDc9=ke_dpgbf@!CqP+yDY%@lC|);o9YF9!Nxtl|O@UU%>e7u)X?#l@K-H53I^OP#pWWekOpWmV>mdsBEK24T?BND z9WzYXteV$2(1#2@6bwxmgSb=@2)K^og)r7$dE+C?l8YQ;@y9>-7pD(16uacP7v6CJ z?a@CNpFa{XM0_2XhI|Kb6b|~-B4eHmT_$r%NcZt~=s=Eub=Y)Y|EIg$_qd#pK@0}h zWde;SsEs)nw@q{dm+`!$L%&4*B2%f}VNDQ+Ekg^hKu2KE!n`2XT09DRfxy0N#Ezoi z`bfNn0|L5R2pr3i-#Hr!TNUt`zS={9co{!rwj-unwg9a)`u*hJURG=u%}092Ow9}H zHg0vB4`<#>@ni%-!uSYe3R5SoWedj+MOFX+FKF)CB=^0>jT*^KOl(rsO@=+PJ`vm* zFcntoV(CO!j%;{5^$c-_VEyC^gg-33yIXY^AJfRRvCH^Y*r4$cZZ)l=L;E&%n>G<< z3$$A=@Y}f>M)6r`^VR}4hhH+#1#S*sQ{bXC>54Hf_TM})7cn}b*&@X5N>^ZS^k0h> zq1bCtd^LY7FM%2@f%wj^Y=(uz>E~BJzt)t2<>%MvwPYon)r9vJbshmeAo0Hp^6rhv`_OoAqkX00qmkfTEpqWsc`kueZH&cdtUxu~D&qg`mv@IF-9{b5bC zXx6x>pOrjk>5_#ucI?=ahok!UIdz}j<3L7c$c;obGghAX%QVMSIHUVQ84c;b2c;*G zJ4QYr0)e^{1XgpL{?9e&(eUvSv_mlVctO5ztc--WD3%NW9ruJS`LqHVqt7VlKHN-_ z1!klOc*p&S>ll0JujZ01f5Y}k1Ta_q91qUn9vnMc?+S>K>lwNac38NM;u=bGfz-5L zMT#2_N3#T~WV_4x8|K+>{`YAE%%bn`Zl&oO_s)zW{T~`OAstk7zU~<6&Q1gA{fa*! zfqZWfn=wg@PwJsPV1GRQ-0N}~K5=&4x|v3ZlT&zqE?GBv`phsoyKd?sNbwi%yVX4* zb%z&pUR!NoAd8w-cqam8=V^@)UYrcoK;iv9{QJs&M#S{>lClo&8=AkWPXEEYV;q(B zeDTnKfh_!QFM(J{;QZ&;Q<`6=#&Ld~WSzx`MOXOwHDphfv^iKK`1v&!qa!-^^z&=! za*WpeTCr7b>CbdQA7xki(osY09c7(@slbAmG}3&=oxlZC)ElBK_+h2sD% zy5y|FcNCNjySgKkH3No1us9+^*N98{y8yKLxuRR^TmT<{9X>M%ik8l*1A~hNW&rwd zZ=SWZ5?(hk9ma_6UmECB+O?HE#xr(L?`*f;bd_8;mb-wy!8=#>-dvAd0OkgXV&6qf z9{vsrt_l77^>nFm-440~C_?QJoKujf%Q`u7fDVUr;UjG&Le;JSa=5$I(y6K%y{QK@9)}vqCBV64da^mm5@iHO5ReJBO zj0Ia;C9U>-RmFK5$t*y|yOTs8&x@?^_nbd6A+h4t=Q|Hh~^4l7dZ62 zE|OA(z|T=RpX6X(_hiakiq-u#Si8osuFnkJXxx4y{Uue{5{mfgRo(oNf&%h3vvVk7 zG|?1k=G=|-?t)@rnB%*j3d6&Fhud6jV@0^t#)s|Kx9m&R<8#kK6&y(OsAOlxqlwM{ zttBKf#s3Op5#hOtopJ=WhWbQAJ7!v1d2tqj%5cf|x)?lhcS*K=t*Rf^GSU4!^94ffF=<05(@UH`q01D&j zp2$qu`~SGy`+t=O;Ly;TiXFbBe8P?>R>idbX_VQM`5znb5yPb&em{SU!yj??5rygO z#+NZ=?8b+~wplk>$rSJ{uOT?rbTFN?SAv=7r57sD-czmgbAjZ` zBB%W%1{Fks4Yd8Xo@FTJADq9;`c~|g{NjIqDDPU-k#rYHUFdcPKY%?mWP69heRrvU zdQyebSN+TvPNoO-Je}6H1oXW-UK26f)bt<9cG{W=968cH0B{@dG><%8NYct0`R(tY zfjGhIZuj^1pkFf^i>l1l`1PtED!CS%21$=JtJAO?_fct2D~*tc$%PsdXT;4pm{BT- zi&6h)7RJUw+dWLCxkvi475Io?d}uHW9b(!4Y*b18j~a-&j;IUijemFFoFk@{#t4Db z?Gnyl%IuDpuem!rE%Jdhet2ufirKvwXe&d1O|+1gN59(RURc`f<{BFt>lvH8RdG&G zU(@*>1MT0ZJk#;hLH#>c$w?%Fw4PWf*bSFsqII1yWvN}}=4H;iooB}G}Nh~ZDd z()WLaNbFia&|ftKJU>EtX}OlZsXc&Y-sF`yXlT^#W0+*#Als5&rf#eBnWi}WDovXh z3<`W8?Ex_%FA#ngz0${v?%_X+3#-=0LJKo99bhu~&Q*XqkC3uj9ZIFDIsLKSogm+z zj2!QbA%JPbpM|zD>CC#KHcH;#Z4Pzoeur5gzoC+<8t=^74$QK| za-;pq&FN}&^OZ||szKlChhW-kGz~04l~>&YpDB*Hp}|g0Td!N^Xd!KF_ZjSD)vuy1 z-vIZB5Jv#UrsYP5Uz#nA8u^mPW;S$Tzgl+MY>o|putY$$=XRMkHdB@nUD-liN-xH# zue>({?L3!GRu7%1i(?4<28>Tp_bqpklH?)j`UM6uGwWMLsQGyN#|@2~;2M(-J=-b1 z)2`zR8NsA6F4S{xH-DN8#DA}VfvPH5&yf#D`->leNre`wnR-oo0LUGuS@-_C9B%uu zs=7|g|87sUaw^-6jLdx$F`cx~UYe7iUAfd#0&GnPpN_ThRLa1F>H z={H!W9ZEXD0>)bA$dd0s7Nql<^?nW~CHJXMwT3A?fqo)C9%O>B1 z<_u51#j?b*gu}&pwm(a-69j***;m~mmo-1{LS!I!rkRZ6KF^>M#hxIwU5|>?6{7z- z@}9E8rR#d&4PCG)A38znG^pp|evL+2-#IMo*MVuD;oU(biZ|FUVvr90=sg}U8v3xC zkx4B{{a!YjVkDW+@hJ?I3aA6zZU(p>sn!iOO&xr!vR}jYvsrC9tya%%@th6Af5G1c zzXG{Qb(aUu)6b4Kc79R}`{%AL%%ZgmJMPG_h(X*pH*}3c>eACKcWZB9&ddK`y_(An zoG?17!xCGWG|!K<%F8Y876lBHh?s2<-|{m1Nv6zGWfcxMy*QJoagW#7{Ni~?MW6sK z{OZ`98^F_Og4Nxmq8iV65J`p}nq+S$Zd27F8!<8Qn$rH=Q2VL#5i-*3%n&1ZtKnz2 zV?%rYd5B;zTh!4@5PfXQ`*1gDTvwX$+n8M#tPq)O=hW#2ZC@Tv>X?WK5J7MKd9K+S z{JrbnnCgOtOJS~i_oNrB!G=@gfo@1^42;CRkrb=TmjoYc1shg@LO_JaX9@WMhtez* zGhx?!JTLFdugP0KvS{({E%Kti9v^=g%(?UfO(Nah{k02c(B{5Nb{-5bz6pMv`XRMj zF^J%QH~O`d{@iUC5*!8w_FRNxHhxe0 zE4e^uohBdFmIi(5RS>fF-tl{*A-Nv7e}eh=WlS|Ze@}CN3dGL%)J4qb6&v!nj;MBO z+)MAd6hG_jj}t9(M@JhPS3jgr_U#MK=eQjjXEQ(iJN?G-Pw%h=jxg(u&0d<%`((zh zAq}Hf;4FiT8D^0^_)GIdc?)`8DC`U&T+^#DN(?fa$QCPq^Z0_Zb|TUuc*%auF7V_o zwg5?0j^mJu_vfmVx@?8c8uZLE^q5=_P^ zlAoqBcukJ743IcPK0HZ=gYNhRse*C2J2o=+?veo);UP$i9vkqwpVCC)Nzr4@MMp+| zk^kA+(BsB!7zM5_BiiN)HKVgX%SsP8Yd_Gj+_Ogh&YB6I7%+HM!m+Ldi9wflL#!+#@7Cw2fM(>8_6cJ%ex=mC(2C^%LPL!Xs<#%#j_ zRwE*WN!fdwp`L5HdE|#hpG=iKeE2(PVaRjAsZCVOb!Bd*!>@6BB*_Sf z9ju9R;)7+%1PWQGb(ys&WOrH4xoxzF?D@h8IHjUR_f#Hx_uX~W`l&bRt5W_h!7Bm_>i~+5?KX!; zH-0tXRBg|eeaCrU4E;~eg>!%T>sq76vD1dzlX;~x(nQwTyZXc*%+Un?b2=|V6=_g7E!TLVFBmsOkHT9g0SIU=zf*ukdO&V-dQ19=P=JpQ|hW%6dbtaj3+N6P+}vQXv3GnpO(#USeSW)x}IGx_d6j5qd> zkwtahB?V>Ft)DKN%vpwn-AmF5`4~=c!f7!0)q(4xt}B+Wm6Ac8+w60A7cqvCK)>^b zWSPfazq2)~FyN6gHLS>Lpg>UMy#PI+#@uP+ZY9%fBI+sh$^j$4tTjN!PPF^!6&Jbe z&14R^{&?q;*FP3dc6m?#A6_saH+h+3&d6iQr$;HtN|2t6$OqpMK5re`WKTIJd!2ld zZ5u>inAG2fppbLibZnUJ<6+tY0xGQ2YYv_n#2N&KP=rfSP5S{QeKG zmrb~9z2eD9qJP;qiSNIDxjkatZKCu+e0lk1+~QHMr|~4*I*mwMYmH4MHU#b?mkj~F z43;zCw>~uuIy3}jCoS1guo=f^@Y=Y|S-r96EEP0b=BUU2#M#`*56TRuQxXcjIbSVj zM$M0e|2i*fkfrkIyV?2L?(7Y-iULkbX?tE+4%jh@vq1eP+Hx4R;hrl(3)p_!?x8U6 z>&z|`v~r;1-K5I|P>oRs$&n@&3iMI&=A2{jS$I!ggCIw&#k>23O-RJ8co~!r{Y<(F z@DM~UYu~a58;BthM~m*+Mz_|{RKUKjtr5(vBIYq=4!%V72^Eb0L#V5L|A$a}{zIs4 zFG(NLcyon%loGFl`6FPV@QAMDalgx9+{YyiR_SZh*n- z0h8_52Ug&eFh01ua44^4~a3)zUSrH${?5PPQUr#&l-dM)M5kX=-O<#LfOuzO>1SG zoNDsXF{-#2OFzVC_$@*$zFqpNgq!P_qICvz0(@&RJ#hWzVUR~?2A`3Oq~BTnBN8|6 zI(^R+B@8%e72z@K{QY>*VIk47zJJ!e=+?1a+lodF3MvoS$ZUyp@;*me_z*ply$A?j z7XUsYWqQu7!$c@#<%{-nejpqNumq=Zh-j)c%dJV^T1@d)D_;GB+%9tmpbVY`vrZqr zYm12}=x^e`^;yCr zv?~3-o0hwWx@j&u#ti4iUZHjrlaM+G<1tJb2V2keLRm_>H!cTMe=fbm!s9kHW*N_+W zpOz2t23|cXUk_hz-*#x$%8zI8dS3GVKKjs+tCO~fwP&gpMeXNZj(G9LN9k|hP4TN? zJMM^nr<&DPi03r1)j9of@^2rM)7cqxrOEYtjm*Z3y-~^9+N{b#W+66QFbp>8eF^6X%?-lNkN&)xyYz%yt?slB#3}0b=$=VleATf z+MdVyS_yUJ0iXEZ#IcqUDW0R9rY0h|jIRCXq39S=;a3RG)eawk-Io3TW4aqIdo>TeIBz*r zzFf^_XJ_9rwFXFzBr{=)eGPmmux%p~GH3Vq_ap=)7a7yu`j#60m-t4`S$hK!i{214 zuhJ1X=9)ynr1~dj`0wM$(AwDOsPC!&$ssH~RHL{I5scQKJsMhU17hZ3%PZU-*NI|Ka#*!_0&9Z=g8|hC_|>`; z(2S`k3*l$CVK&JD1!z?~aRI^Pi>jyJVhR11R_tsGY+ZhYX$}Y`%0A`)gV%lehAcG4 z(C0>dTZ$Hs^VXsIIs^;fy7f%|;}BX;`s=QGHCx}jdPpEw*3f8)1*nl9c>h6Fn)2SJ z$iEHV8AS|d=3POnZuf`a^my#PulXr-TaAEgC%f#4k~G)3R!|5EQ(4`v-xgUvlu!=c zal&$7!Pzrs6f5YbC=0x;(DCs}-(i;OUo%t0b+w%$zITDttNRlZHZ6{qTqeyyk#?#D z(>zNOi7!O!yF)rmHrAo0DmR;t2@%^PjV`c-{1%UC0!g1cN4=2`4CvCXt4$5h25^lK zeolh^qj>985|0{cYChSwerHR?6F}l2wQQP9wE&*4i0i}Sa4YM)(vmX8=0qFb<9|K` zNdJ>B&qQler=-sPsOQT*iO8ROFx z)XUl50B(9zqR|j>-sb7)*}oiDb9K=3<}+&93`hek-M<5$5JwB;JSixqB!PkcG%|%5ddHX9CyM%d`A+;A0t#v3DqmQ+U#B1V8 z$&BD^Z>p7sU1wfN$yK|L1oO{+#Y?vN@$F~J3%bkub{P9kXSZ9C=Qp6hU>nri{y$lhv5zEv+pU`0txITmT1TbZk=SGxaHBK}TtvfsJbzOc%9d5al_qro)_SjF*}L$$;RZmeLkysi7v+ z2yveMZ}Ahx{rud9iyDe*TVj3BjIPLn%`hn9VpvvE^4=>}a{ud6c-rtv8jO_%RY9oE z@f~@}$NPN%m%{R4C>a$Vcep5DPZ9ioROI(A7Gs$6kU<-3VOjLUB*xb!cU)4&xVIl2 z96ifQ=d!PjvuDr@o!EW~h*z!~$)ceRgSOdimuw4!Ep789Vi!7|$Rzz*x50f)ENkI()NMj1rgx8*X!ket<=@p+2wnL6kf`CcqSMT<2Pc8U_--D-dL9HvpZhY^t*Hrm@q=q zCG}-@qGv33lcGj8q)-jMqh>R3bL;kg8qeHH@Kim0P!!`a>mFWda&xNu^yGN6|La7o ziD`QmtzA<>;QJ3%)7ba7&(dl=x1+6{<^iizOfkQ&zx1{f(ax|FS}H$ZZ%vD-s6i0X z3+c!W!Cbe?TubvjZ;IbXh^y=Q#}Vy$M?xGdET&)oPU~*=gR-^hG9(5;uV7{BbSB_h z270s?k8Ts}z+1bevdPuc)&lh2rs{rg9n-4!Gg%Uu?X$)r;Io;qgzOw4l04=q81CP3 zgZiso?gcLH)zHKCKMirA1uO;{x`#5wEEr?SMlGgs)A7nP-ialV9t={yZeA`)go{4W zpuAV6CdWtp(MaHF2G)(7s-D>fHOnk}>N&oLYwOLYiV>#?xZxdI7xv95OMS$2C2yrN zYu;1MDKJ%Xo2`A!ebz)b(valPA@Slk@K54IYTHbQIKjF_5n^kY_MoS0thG%Ip4?Jb z$9(h5FB6tlA=C8+-v!z}f7W$to-6E-bj&o7`dTre-k~6HSi<*6Z-v!u9r2gC$5FRj zBi$V0z3*|Rt0~1=w%4jtx3!rZ_F#jUP7W;*S;hA!v7F`)y(9!46vvEp4u@&C{5QO6 zap8g|q6V~FZG^`X>iOw;7MhNslb0}O!$#mHyBZD8lnl}()`Z7FNvhSIS9Ru0ZGY<2 zWw1UXZd~`B@3BS%1!^z#JKvDs$ zF|W8ht6q2>u7}_f(rOL1y|tUfdec94xLlLUS_NUC;NH*P-)LHUc-Im9falPJ_W6u@ z>0)aHhE*~LP8q;y?T))d0r@E6PXoks;8nispG6Q1p4~ByF}-SPL#yUb^V4p7+WSYF ze(iSKY;0_XVQpU$4Uma1N+o0+A3syJxXcI9NqW^^A51SFIlW_~UV=Z46fUFW%_m37 zHr0`9v=!_Yn*K&*e&v%)U?LVIYbB=~tl92j?%oY+QT67H3*&x`zC9koO9K=^MZ zPrg5r)D!Lu|0S-+hl17Jg4)70wC6(Bh-_Y927ZAXjAu;R{D}E{i~pp)(BZ#cxQnLU z+f?)vU8tK42}ie8p_M49Q>T|1yVgEJyF#}OFgZ!({mw}g;YfEdC-=l8c=9cgNwQO@ zP8+j!J~~BK_X=b9E%qjk!9?k6TqE3Tgak(9%^2|s6Mv^&B6hnPjhI^PN=->5x$D3l z!_8&F{ete92`2p7!zRiz#q*%PW-(x`-YI4_C8Ef3sDLay$(cGz6!JFj(1+IhJLcN_ zeoU2xsZdEFT22s&VLoD6$b>&6Xt^}g5D*cCCZp7}7kCUc(&$+ah7R`ojyknT?XNDJ zc9cFX5a?~_mpmPPd}8==SaPf1E&9nHvKcmLj*%=aK6Wee|9JtxEBZw72||d-4$5Va zl}OZPG7$+iLdtdJ4G?}<9?yU&3m*e?TUVtGH8u640!#u+mHsO`X?DzgydmPPx3&B|Xece8(}ZPR8|$-|@#Y{kajn67%+5DnFBJ zyxltTDb9%avC@=Lb3-S_yntcvbQfsYC2-k)w{4Az=Yqa0?? z%HLAwlV&lQnWa&VPjowE8rHq)#TA7W8*iLuek+b2SdRdwzt6+XEYP$tRnO$Hk%D<@o_fMC z{5t%Wy^-oGYmwkHpI;weNcDRkP$EcdTk|uWSr^Nu7zXKAj~QqSsutX|pv7-yQwYU` zpzOg~!$(#lw({pQ8}e?v&!mH~H53+W3}lQOe42rE;n?yU_&&t@XdXH=k_T)Ao9Ml9 zl9?KOThlBr#g_iIlcIUG^^TI9t~hpHdF0~Md!mV>hqNjcJ()7Jf{sGBe1GmAV9ue} z8 zX*0hJZ!uovJ01F>>c@On^w{OHnq;OS_9Nb%oNUgl2+35K#bs}MLyJ^;eF4dARk6JM zJ5;&=c3DPQ#d>?}j-{7|f>Dz>dB3G)w%!~OXO%7-w7}Uib<|bRm#|}ce-6KIcDdKv zp+j}^??2gDc!MVE1blGK22s?wanDJ&_Rk)x>2{Z8WAxXt9|-B6x5PJ-B@ig1^?r$x zJmc#7OV9Nt?rRn;Pp_$!Rmt(vA)&>u#sG`9pe{^;rJ7Qg#i^B+(~h;j;|zb2zr8FP z3MfVokJvmSyUsDu6(dv!YXOMauhsgj6R?>#aQXPxC=jnSDQ-VUjYF+bBL}t*ghNGB zC@i%_c+u#*XwDwFx!yYUMq74iDu1QjY#`C=!`tj~{~3HIr^#wpW7Q!hah}`yND^k} zSm(Tl8K=)Yv@gPK?=hw@{zM}hyxW3K*&G6}aHu3tXrv>i2LfrtYG#cOEWE*A*SkZK zQ@u|mnrplfElEK=AtMD^mX=c5IaCldgLm|VKBkuk>@P9(C%I|a@$^=jfffg?a77-K z3Pco<+?LgmO|fy_OGTzq8Ap~vlI27VgS@`LA&3%=#NHI(iBtBdHdo>v7U@Swgm=3e z_<$$nVAXY$+Dft69;GH|YCmaok|j2oa|H;ic9pz6@g6~6B=_+wCvnX`o)4zw3KuDy zvOvXWc{h67IhC8i%vJ;d9>Z0u{Xze=?uej-6yp=7Mr0Rq)TaZ{L~*s779XduC*-wK+&0tR#C|hwj z64r~-N)hr!t`YF==W)jYGr|~L7#F=}JVq9)c?>j689GLv5^)V z;?vzT4HF=NvdO2YX^PYOpZ-|~ty=1l<;LCiW7o#ZD({i5Q5CZdOt}1#9?whVW{5r8 zerv<-$UZzUZ8HL;q2u^Ax5F7zZ8@eLw^N5;n^%2KSelASixOpW53hN0f2%jC;I(Yu zx@lEDk!X^a%3syFtafx*`$EDbzIPRfN8<(dgUE)3C*uC(GU!d7RSpUj#pqW(#X77{ z<=|Zxo^!ujzot7B^_PZjyjn7{nv>)R;*80E>BlGQ9d7lEUgaiDwu!l! zJ|=*v(nw34nJ`PK|UCN@_%={IV91;*YR~9fa2UqFo~jVR!-UX z@S>t--nR&tmy^u7-x4;z?~Fn#gipXapW0AVN`?fF2=jd%AI8cD1Ci53HLr&h#6mcObl z3M$Hbv?MZUNFx#)9&ghZB4me$s$S!Q?BsT6xU6#ARvcSX`LEv63~cEyi%`tuj=yQ%j6l7Yz$t-t0A?z`5z0Z*&G*w0I$J^S*iTDr2XA-1W(_ zk>VFw2HyU{;3HPvxy2RK%Ih8x|4M@B&@L{TO}e3UxO(lueE+J@1MQFN`@582!~y>* zueWfqi_aE5dTOU>00o>`;M)gaUL_AZEp8qN9Xj!Xu%jcOtgq#^ryWsN#Ei;4v-s z*KE$~4cQ%n(GtFx^nBV(G{8f$W9ZL#;j(yHsJBc%w%@Q*x$tLcb;->a67O9wX|#Dv z0bFHxmh?tZ!{!ota+`Eqp_BL~EWM7YG$8_w?f81iWFI5w2u>Ic*-;$E#|V-MssPpM z*l$wi;}OIO^F>->phiWNLUhGHB(OBr*es1hvz1u6X~6Q64&}tn*Co_G1d+oEo*;(= z_Y}1y8BZF67q{7u3B_M;TWf$g-IA|vX{aPXe0mX&C`gIRynAC(+fa)UK>wE22zgN+ zM&3~!1$`ARSlXTE;Il;%u`2^#ermhlNit#YXu}1+|7*ib9*MU|zxSmG?USIxmmW%A zT?c{l5&}c`QRbOX2xG{Hg$^0yJvQzaGvKwM*x7IL5ARx-9`2GC>Hq-5k%GTO;0*t7 za*_R6)|;~!@AzX$5i@kp?0#-iMjn-(MTn#e%wpMw*krB||CaELGxlkofWiMSJkAPF>Dq*V{@6D58K6S zd=WC=ow*%>AED)#KsZ$3n(#`WnjazPJA(}7lQ98e7go^?*a3Bs587gL9=>*}pn%e_%|94_tmk=A== zkPF>~8E>0E6d}f&1POmmCM++~cC8chyvFdleVz*WDDuB;FmVVZa;Wk&7k%foIWZiq9lx!_rdZC$ezQyO!N@ zg^UvNc}&Wnqwg#D?9#%+A_bMhw=RE0-sC>6^F*L0elT)#V;EvVe}fpA6WfJ1>Ii;> zw?}!pYTF6CvnYH7QEhNDus&8x@F6 z%CJtfFYQb#nXH7>_=e1ZZ2D9rol))?=M?j=iH^QOW;YV%7u$~Yy(%OMWjVDZM{rH{0YIb60%>l<0`LvrNoRJ z=AUkG8&97e;opgVsIJ|?;W8oX<^j7Qi<$lCc*7}otV!7K^WP$|k(}0TUr7Ib<^PpK z5$Uhg5}vm`Ow^oP*JB#A_ccCcP929wcF7EEcKSE^%pexH((e}i$ ziLo%4bPA;GDJc|A+jw%U{VRW+8E+{z5*;x=L@jL3-_Y|88HY&`8FbIE-qW8v0v8Tx zaJc338!eK)Y5HsWa{O74+uqmMxZ9Z@P85hs{>PK7T$&w$Ko2>!ly{G8Ewr_<{_8@^ zqu9f*w@b4g#b2A>a&3iSux&P^*0%EX03VDZykfBKn*5oe`hbKMl=t1zMj;T2a*<{F zA)e5!`M{V}69ykA^fOH;1j_j5Lw|;a;}c?|;UJ^N`j5TRl@4)X1EZa@Eq2;vvnKVx z=#4D2@?m%$50a10SQn3~!Z5eLtL&;A!v(hf9>XbjQA5 zxDqk6C+d;EcWd7V9 z0qmpWsO)JJ1mI&J&NQ_>=XLhChbv7snNdo`7kV^b1;`dUnkiMS-0(fZg4KDzehtzF z1B|WI*HCQyO!vQ$sh1J57Q;57zBYOaD4m$TNRNFhG3DAG3Nl^8oJ}U{AouspSVP20+BghVT~E6e7sj?GAwcyP;#`p^2+gyRJjklf?l z;G4GEIVxGtQX6j5;;0RjwOvPmXkI+}DEY6Z{xgZ^o)`+DKccqd>$=X-7)-4!8B61G zkaNOy&f4M|r_2KI*{g^!Z ztdt7FtDLckHoayWJ_wKevl_|PI}-5pa1VDH_@YctxPp!|a{hRgC-tue7n|kEC!r{O z+Pjv0_^vNYg#vicMD&7&=-5`xiU>r389q`w(ZLja)WIF1gf?VfvMQQ|vNOp3MtX#Ql_P$taGRB`%PI;D=37naU`6A22 zDBY%Q76RBvVwh;8V!+1v)n&EWbe?*YP(-1mX`CrX3=J{-Q!ZNLz`Me3ltd$Ql7s8U zvj6?Ct$Uw#u~xSwds33Jsi^~cdr#-OcF>npspwLu?&XwSc}Gd#V_Siyi>)N3D-Y6I zX-;{`CM(R%y$Bi^!-P+nR$X!wrJG%4nj^GqEYm|ClbmaM3bu5IAco}*EA6ge8Y0zG z4RqRp=qt~@5!!*YO$RA-ZQG~MM*c!Qz37?y&Bta@+dQUJ`?um)e_ArvgokqA0~8R+ z%;bd{%I8Mmn5ba*Myrx0a#)IIuug;hN&iLA!>E&=ywPX3POH!A-PQ@1TxH!4Nj~OT zkDRawjgC7>DJ-4M_IvizEcCg#)ChSre;Q%;Zed+lctmfJ;*=dO8`1KzNBlj)+g$?r zfZaBdKr8jTji8oHRhXW+a*WODK}_c2Qm z@brYp`OmxQm1{L#+wh#`H1q1*JS+7THWTvwDzs>y7k^}3iXs=Z_Q6NhMD8=1MTe(B zBK4Dm!Zl7nJ2V$VFxierrv4r7^_B#|xCcm-W0(sGca4)13mQZN-X|v02Sn2=#j_F- zR=XG0CQTbR34P;}Ck4;HRnvPAUdvnV4VR)*2Gt-K7R6UGX zYlhREk;lRrRip{~|EY3_l6X>D{+Ix$6*M1%B>?PbVpSai?#w2qsS@=i!%R$rObit%mfRZBuRg9v2GYdDyi+`RCQ$DJeHA z;3P?d(>TBdP ztr+O>yKC(woDz?X#{D8pJ$!nCy}#kqjLO4?US1*CRj%jZvo>B)U!2easFk-m?I-Et z?-yi?K17eRDcJu2WIJ3KK5QLt*G`UNsFePe>6v z6D}+{R)DQ)p<;_LCHrwP!X0F9Ep4Yl{o$1^QIL=l!;DnVT@>ecSANjDb)B0rhOwQN z3AfH0A;f4{7<4_zy+w-qMhVm=f31Vd*T0IzlJLw!)#F4VC?kv7_pRbXFSm(tA!yQ! zzEQ$=_e@!7E;%CA*suEkd<(~@hDnQz+l2xcbzE4MdeOMAG+(4%daKbXBbrh?4U5d(G`e#~ z6ePahSGR2a5Psjs9uxPn#RznSW)&FokpO0f5}ILWvEw&MZi@0J9l@Www)R@9Q>LP3 zRUv!@WO5~D1d-nk)=o#I32XwtXZbg?tY)ix_Ygen`DklOxlcqVs&?9<>-Jz$!jyzJ z=xUFWWs-YTzx`sD#-^UL^qp08O$2d!zBp|4tD}sETEH!`_9fj?5`$!(GwlR3T44sS zLT;X&-Y%&U$A7vOjtbb@njlCW1!^dl4y!uxgvX!^KZrO;AM#Q@OtVw9FJt%{+Jd#~ zw}9u}ecC?-?WyoQBBHz(PXVjo9?!xo8E&(@Z~4ZS={&X>5m5}2}1j%yGTd4f>d)sH8rhfB$Q`;5~kjGKR|M{L&SFA1Vc2RhNQr5>{ zD}Zyq@lO?C<=z3xJcC)RCjVNA$Y-04n_Ed%!z^I*x*k_9r|dYN3&5JXerB-^elI>ZC&Gr}4!G6AWwJw1y_quYSDa5L z!H(WT8T}zxnT77b*KYfaw+%_|D=m$8hUh!`tK_QqR4iUon0MkaXqA$>L4`|o}wOySr5KuMFBW583hxJMcwUX?sp3n!d;gd`$MfU`#{VP zihw?mYmkLh>D{Moh6~tlFr&u_&)yr;3{T1aF1K*BiYKbvs-3*gtFFDhKAx-nsALHy zbibq0yc);>zj7)4{zFMxW3#aC(0!i8^sW3xNnB|_mvxr!(UKywe^Pkf^UPNvr|rCc zU4P?C%l+#qtOYTqdJp7#wtf&dp5{LJfU90a7QBrZ6o36ksBdDN_k|@*Iz9#zaia`& zW=~9Ar|>p_v9?oCF`Sug@0k1Pg^OiBZ`)T=VNG_XIUNt^k&|VHlQO(Bvt*7awK{_9 zT$6{_%y#&n!-B{b3Jwns&o=H&m%2lMLs-sX(wTSOkpJX}1q!m15A70DbzwpOu)*k5 z6Ln&!*Y$Ia$%7C|4U(z!;ZXwUtC!L-*XxXCY2Z|RbpR=>zchZn;Wa>cGan=4K>9cv z)@J4?OY?bFz5_zhv7hbaUSMZizx1nWh;F%QY6Q)SI%Huj>Q~s$)x@E@mvoZ@8+Y!& zfA0Jp=Wf)l4`s(}tqgaidnUf4$RjHPna=} zycuN0-o&SFS9&~+UjPHzMHc0Anfo;#Pbp29GmGj%@4fj@ri19!Mn}H!PPC?j<|^bc zv~RMGADre*=SBonIC zU#v$LmU1n8j3eZ0NA;G07zU%kU*sSmoL8P~aEY-Or7LUCdZVyz{W*AV2tXZQ8|4J9 zu=3+gma8>0#mR2I$QCYmtxo7az0{cdJXGaF>J7@f;WDSHPQ{Fil$YJo7nv&=&9ns}n=BWCI-fk~DpgAwSR+*~s< zO`2Xh-_b-dmMQFo8a|sYauJftC3{wO8boY9AuX8d!$NihbGa^nNlUmWO?*@qyTVSp zo`s-pS+vCaty8DM6%3d_PV%q(Y4Q2e%?3rSUH0cTpCbOohN#2vPtyGE3w?0589DvlZ6wp)#B zAPkKPJ?gqNJ?p;(l9p1kcavg6M|$AIsrj{7TJbTtfRb~4vnkAX4hk61!Mjndyq?AN zho$J>i3EFF+C%VcLFWj}r+@!o&o`XH<0WxBTw6Zd4?JMxvF+*WSZzQ-HelZ8S_Q9f z@-4wA3y!P8US2q6l=RtE;Wyr4QVHLJ-cO9E_${`z5!y!Yy_)*HoB>OdmglNjiJU%6 zwHEJSrq>aB5~2TWyD>2r@i>%lqa&pg>Lf%=pTvvdOy(GZ-~U@!f4y`h+T%C9w;d!H zjOumoZ)(>b+Vx<^1~NU-B9XYE{a>CvrkIg`&TRM?w6%M?1|a>)`q>#>@-M=cnf!Um zT=mHe$k3)3`$cRAH7y1FnyS9&4!@PHo~EjFi1GuYh+D+LBgZAC7_GG+86n1P)`s+B zo{bzCmQanIw`AGA5i6ivhCYu=^iO8~>az}Slu=u^;SPGOnjW(a&bU4A$?|2@5ypJd zbC3egt)CkvZo2Q6C?Uwi58uwuqi4^q^IP$jKGD)DDHwU$8a9m2w<*x6PG4toanmd> z7}Ty?Hh&$Ukn1BZNo=U`rMzZbETo@a6*RXbmJ2zb?n*Tk@Kc%M6!Ow&!xmiB`dT=r zAC86gjF~BV^#zt``dcdsDtZlinA zX;pkoMcz)(rNKT8CF7HLkq$rG$Bvpk+#ZbmRMy*rMzn?*jkiq(CP*luK!tjVI}~F& zwPo!8Oxj*q4$Y8tH&mrxlp*3c3Np)fkIVXhe7$3MWL*=e-RaoY#Gcr;CYadv#5N|j zZ6_1kwrx9^SQ9(>`gza!d%kP^?0xO-UZ|>7xC^N~5mF0a+UB$rN^P8U^8L>{tUhE;0OhLPXFIEv*~YIMyF zi5k&^d4)I(nd!8sSFK%4?`d&_aS7;GCstzW#QPL%op27_=UzpBT5Xobv(K#u^z-d# zRck^Bj1;Bcg-bm*<22ay%(NN@Nq)iN?36|4mEBQT0i6Xw?HZCL$jwY}L!+b2W9 zI?d3==v}_W`F=u%`dGFA$*{|$+5YcRkY**6LHeshy)sF_sPz7NW6D0YZV)Ic*3#*6e;c^QxMZ_xI7RKR&BKIVB~UqLSl`p2qM+u zbTcr=Yma`TbjW*-p>&)6x8W5{r=;&a)@+;R zogD<83Qkx*=$OYFMSP{Pa3-B&B0 z4FKqa_+-tIvbnlC9iWz!Uyl+8JN6#+WE?Kjddayk?m`XrED37V z?Se!BpD6fIOLj}>)1$%yCJGsj17g@z2w1oddRXD7u2ZVUMGXsCUJl;OaH+J!?CoAj z`?z2bTa_x;gVErN8T@W_I_QG1r%U~2(C-jjFuv@63BLV2>-c6hsAa^u+j>v^;Xbjv zg(Q~weMJkP5^&bw?-#iP%DJFxQm+T!9Su1avR}HnseJjNR_cfNw_IJ@{euddWh{v< z^9>1K#X5=qEOkws2Wl32D`2z#7dB8Sf(Us<@T7)xi`=j<@C3O^t5Joooe;^d7%|Rw zg&})0WL&!Lc9bS!+xa8^PtF05|7ZN?f~LP5Lz&k=F1EU0udVZy-)Gn6+p^e4s5_`I zF6@8ROB7>zFn1N!f}k5vN!Q2wHv(=bH)>mYXbHyoofvMigFr|ucpITqL(#W(;^|g8 z8P&@0tj*sez;+R553IpV@k25freWkL$a%Pf5I}96BmnUO1?UOIYex6DN^e|8i1BI4 z{KGIlW=1dsYZsAtG{+lS2MP!4v(~>_H44z1qsao4WS@2d4eJ~v0Y%^QSx!QIhz!&5}ZkZvJcy`*HdPM z%cusdK*$PPgk4fFt9~%SKG@{0zrqf@8j;bdFxIvs`$Mp;u$I$(WPLl?Mz zRw)Ljgs-PRtka$A_m4*Dsb^77bfZkMP)H(M6A1S4Q^|5;jCw(R>6b^vpnsaCY%Zor z050ctekSW$WeNfJD*$H)KO#1<8FepBWRHr>N@U$$BcmaW3h9*}S+*$v+5oCG0P!yi zz#kx691s2@UU1J&65b_<+TD~Nf7WZ`=j4o=j@A(#p7f_K(kJI~wanV}0`=ewQ61YD zmN+Kq7A!ONjb~THW<`r9=eRWu{-Y&1O>;%Id-7BeM|&;>_B`Pgj$@}<7q0|-;27Vi zFuK(w4=~saH`*~%rC(6?r4h=81|LP2*2)Kc@L*)?^mU~NjF%>^zN=Vn0oy+RkID99 zU83U715`X=d%l<;G{6a0==DU?xiOi}YO|Y{|4RTYa`^-9{@j(-1q=SpEZ2AIrSSkQ zpwF*91XW~K69H}WHwreqO_WgYH>^vXADcD)8WaG0j5KOLPR-YmkMCK5Ua0dmFloc>s(ZTC=?X5C!8oqtOS4{K6qzesQ{@OB=0tk+Mu{$X!`L0 z1?f-TnA-0F*{)|t*FPnY>cW9lqY29OhaS_#1rONp1?M?@^+Y)KUcYo&38wphHc!BS zJcJSq;JENB%AU43fJNa+f*f2;QFdg;z8H2Wv>Ca*&(_c-BydfQ&3crshhZsD@vXKS z(sBKX9yQAGREwZ%9{xyNm!;FCtI`hiW&aINdkgLBUR3?r-eqokdwe`k6d%9b#9-F*Eox{dSZ5XaZi2XI9FdnX2ZjMx-T=udkuwq$B@e17N>|WN*aP$@C8O8bGl(w=Z4}#jaX-$H zB4h0qTf-Lf%4XDaWL$y-B%gi8g-vh3pPNaM>wQyrCzvA$hMFir9X`BLpLMXVpIbOR zOwfsk0mC?=*9osYRGckoSG?3eeo}!kE8BL?4>40$Av#PHeb6X@>M1%fqJ-f-kbD0w zaSGUbhPfd=Xt%wW#sV$Tz2J16q;ExtmS7jcnJ6ryY8EfbBVFlTh^~D+bI}5!Tis`vqwL;b6OTv{5BLX4=%n=jYY~3Dm->j1ikBpKhQcfP z(}|mSB9J3YRHz5A#oZ{1&dy`u5XX_A$fbW4Abe#ko%ni03k!yrcJukwX`o%H*RfW` zojzg2-6J>m4p))GeDdG%7&bx}e9ZyX8|n7XW$4p3kJEpoGn^CxP>e?qoZvGrrL`xf znRj73@@ym1#FIbkghI9kt=BK=oYrL)~c4lFknb0_A`E*liM3r>V)c8 zN6eOiLT^lzv<9dVMV5DIULYvTTjLX|vlZS9&y}J%6$UhyICO*Qson?53f?JHU zuW};IRE<2ItjBh6l=XDkUwB_t$8d;m zJoV39aYIeAp3&MM0H?!wZx9GfYM}kMtEBXFnHob|oEo%f9!8DR0uX|7F*N+mwMC`- zgJjnc&tCu{lG2avDm6=vFSnxRTTR|nWKy|%>`xo-lx_OP0Kt{YL&{$#2TL;?v0$hwf^k;xx1zdI9HSEd#;bSXKUkW z-^T>cml1c&MWAcg6EClyys-v;jl25g`5mZ8{<|n}Fg^14eZ7CCrf41On0EveM~y<# z4G#U!DA)r*#}s04&=l_M6q_s2fx7+PH-%(paf||W!Z0#$OsE*HZqQ@0MGXOF^&Nz^ zLXgKQkDLhK0!>?TrZ^2cu%cHXV({(1^}q}5!Fzgnos1kSof zjTzw|Kx3sag1BJy5IDT8;@g$kB0`tII^zOegNog82rH^V8H6PO{+vWzJ^;0TXt7V6 zW*t&Dayz&TL*5U_FZZJ)egK+#g#o%i{N~V{^B&o=6y%oPxp>`Afq|!44{kSXDeyg@ zUNG+o?a2j^CO}{_I*Q(T5YK!rwKiA3kWtxpBvKSe_zY`h=Gu)n5u5G%{oEWI#Z20w z7ikwc(plXm>l}$+)!KKTMX5#)K~ILSM5vl#hdAgTdXka@|8(Sx@~vFam#!9XichiN z8HGX@g&#?*7v|S~)mtgvQLK{GQ0J9MeDCvD7y1a;5ct!9`HH^Y)?D?( z&dmRT)QKej4^rniDGbs`(bgbLT{VPJ!?!NKLrl7YBKdv2O_2<(io7fLPHW-~_eD%S ziBfv2QiTEiMc+rX(jbU{8%@>rSc#g5c3P79Fh)cZyc2fZIAyk$#iPb zVD9ZzCmmEZ-T1!Ix%ap)s@BJpS9bhuc<$+fAdTVf?*BcGslY()`P|O;wg2}s z|9yfT1%muJ^|2-UDu7tt|L^f1_2XsN*#nHY<0D2Mat)?@UsLrfi$F? zrEDsLs_*}aeh`u5-!Qes3O8aBj#ksoeS}wQT zKKWDRfA8|QBmwKa0`aBp1O zH9oNl{dTWl(EoP%|91LAV($<~kLPa5>x1x@*ng7}j3z{~B3Js0%1M6XacIQm{Qbc7 zLa6)jFsnY1#S`G_7uX193(MleJgZ=&YbKi?htoS0A)I#VPSjgZbQ-%l`*vgg4c5^dP}P+BaI?3nzSQ#RU+zw| z(EY(t`zQ+G$C<){*i-7+)8)(ae^!Ae6?8BwI$@3O0N5|@Xa2dX&J`@zaDjbb7!>MO zT1nXgm|Ba;9(7*@X%IqI@DLFAD@Z5dGR#6Txs8eITVjo{E>_w`mH|bhmnA-l5F_9G zDX)J%qyiG@5wcaU&DLL$S(^rQ4PMswkQgaK<)7Vly|aAny{ZY;v&}Mx(9XPEjL+!+ zqp9VILT&Bx(MOt^@hynPK_2ACt5Uo<4)cz&kzk})o77VztzyekDHE}qK1!J@%o;>K zw&6O>sy@Z*k0#R=+7Hu)8*Im=o9!YO!~c$H)W4)u_o15Ylw%hB@dWuzKWeOu2%w6% z)a(AeJ#YOA!zJe$M^_8w}w|5mDyHqhFE$DYfqbS2np83vT;>$+2IUJ|PI?UvmA+$Z#TO)>>}j}X$v`A}_>L{WB~DWwdz{4THeW?Zkufs7bOg7a;0YDvf3o=CgHhsjzxyLr{3IXhFhss z`(mmk9azTk^LAqMa}mM@NlUc>Sz$qJROY!4n2=M>rd=o%d$V3DXFX2_I{#Zq0oucg z$Nz;|mH!8|DvfB++M1lH$v^tnE054Y0T)CZ^|riM?l|dM#YYknfpr9SPE{)isdk}} z@T){$kZzzP#RWg%Oen&XB?M-9RAd_)vLXpJml_JXUgrsv+BL;(@AZ)l&Jf(kJZ zy2?a_bi7K~22bz7J@BftHp+t}+XO|A4vCc9Isdbb29&s<8Lq1N_8t(#*k=IF^}Gkq>W%jLYC$C^>0b+(S(^9~o0I2T{bzcqR!e3Sv}E7ZJPUM zN){`}Dvoh2SfUftP2CRKc71K_!~uO@ti)=I-xvf&xeph+r7|zOxrARk$^^Ez4Oo=xjS%B!sysrX>LFXP zjcdhT+Pmwsb}#ma`*LyzQsfw|uUml}9bvQp}@;@{$n#uAY#lxn-&@bzL4z@O7~G@rx7!EyC~K z>i1r@%2QxLRVAYvs}sb!e`> z%PH#FL*14BOZ;yK9$tU=6EA4UP6U0>%8m8lplQt?F+0H*7E(JM-v61H_~RQ9ewR){ zfxa*0$JrjgqHmEtI2lo>h4XGy!{v9#yL{QS=l3uOS$Tt&knci!Lf%~0wq9q)R9Wnb ze3Sr142rUr+8A;ZLh#c89I3Y2tO&R9G2u*-$I%e|Y-if)oF?JU+`{(&GA3A?S;s#+ zuKbHf`)?3EEIwwdC7wc`7oMd{TF6gknCagHF=qaXy*OK|xA6OSO9L5mZo|EA2e0(J z&ak6hG5l{{DrMyHD_eE54cOZu)$9X_y;tS;(Rr1iWsgy&m-xU*^)vCxKkxpg3y;}ISL=9o9&5c9_50vYAi9{lsZ6v#^pbq;;c!k{3aBkRk z+mnhC-!+)06`!$g^KY~vUYq5tFek6k1ac)*^Fy=>%$YIwJdx{MP7(fuMaH0mFXj*0 z*cf@iZQ`%&2tv4yo?<=S#2;rne==^L$qYSr8_;C$JfS|eVBzDU2AzM8Qhm^HxF8#)Wo>Sp z0|9T?26s7bqSVh0 zM$1cV=9#GWU0`Y+;WFgy7GRPrX@Be~pOl9=*Z*xKG87|Mp`oXT(FVdf3Fo)Kx6)7` zf-%^mc===rJbB#$BprN!*@Y^F7Y8Gpij=S8JqGoOPtIg%J_FNw5}#6^F9oI7A_n`Y zaXzv#c#=JoP%A1EOA9sk-(miUHfZ+zKyl<+%3y~a4`hBpp)B&swRB@Z8l#y5gD}f# zE?B_Q)rraG`GNeNpc*2^ABrA-kQR0A+rEJ4d2qRpQo5;9>-@3yWKtrluV<9J0KX~i zm1pHb*A2t8EvL-y))m;4EWeypTiI^S65w&XzDEG_!>iP5a4R^G5b9a4m9S50&h<^t zj~5{zWZ;Mi(5xGTPcC!X#sXGvG(jb!|`CopU%sbpiG({o@~HC;t_ zpmxS2#9v>uu#RUD98V|43^OA1MsCE)-k%*a_nC|q3#f9?ih1M?81~&4ZK=VHoVYl9 znrirIoAnDb5ndNXMV$tP&6zr*tFyoQrB_5d6c&w2dNZT-QY`nuUq;J8D!Zz+ak{)1 zE4Wh9ZNaaBoWvoi5eXl3Gjm9AEa`x>r6JCzj!mElZEbo{gNVK2LR$HQu&Bph1rF1` z;m;*CR=r7nF}!TqHs)jP*?Hx_NTD0?W?;DF_y?J{B|7?2bc@s1rbzeh6Vi2>wpi1_ z<1>8-W|TYjx%+VdKD)B8*!lJz#>o2csNHyivAUtYJRr^}dO2n@oH3r4dYFLk*LMgO ze2_RAWUIZmGP0L#(vdh-pM-u_Za!B>ynEjXlk_oeTmo467ixC^hqGa7N3o2Lf~Eif zZW}2vVHFOy?E`NS-Ob;n*lNs|V7Yi_-6{eSzgA*kx8?}C2CndZf+-mCWmY_5nG>=}jze-Tg$V0W7q zt1e_SJjQ=biak!cva4!h9>s2k;4`<$oSx7(oPn^ z3K4fT@Ok7xlS7)I&^f#(`U>6)5}j~f-w60mdyRO`$+wW6I21z~Q@v>R)NQQSHn|Zi z(I&l<+I}8Ql8f-KNf;&e1X48bh6i@Ja{UCFLl2N>j!-j>J|W& zBPAmBNm23efKP%#2%7hQIO2}M_g3WQMNdtI_f~P)EFj?km1bMy7D!cbk5BH>OH=eY zWQ&KuVqcM|h*Qgj@24(HKPYq+WdVCfTQk+tMoYVCc9g)9W_A3Ea5rr-B+Nq}C3kU7 z(9E{)k05yw=G*!!pW5Q+l!~J0dYePrF-#u|8Vf=T;=RxEp ztDBC=m+OkS>i|`X2CSOg3_`X9KNxLM;>B)5wkuFg5CdNtRt)gZk!2jy&X<$%y6mGX z&=qb{M$sZi7qEY9r16=w;`c5Lj+8%x*lT2N|1U{aTfvgC$HKp=%dx%z!g6)N!uO+3 zVB1m<&LVdmkl@j+kAUNc=YbTmnU_iyUW)%+&7x!=s{4#6QqTEyF zuNpPqQe-bOm~3$0F_L*_^gghr4TvPWq1tPBEKG-8K_5 zwtMd{bpnjaPqGNos(qC^aaak3%Fa|b5V0G5l^=O3%Th8=?ed7J^5v%Ul@8fRb#$=z zQ<;gI>Py?p$UNErA-6!Z_-CWct-DM9=BJn9Jnzw#tF5Y!0oz0+kM7$4#1sxlOrZz7 z5#N{ITZ!b!cF7d!i#Cs)pqh^UbaBK0y4S78KCFcckwY>LzGQYcZDVDrvYY-}+Tb@= zH_Urn|7t@>TsOQ86&na>D8J;_*Ec5W{MFU<_EpK8AlN5U%WYw6=a=q|cQVO@zM*(1 zw?xz%`BxU6E*-}iTTp`H^9b-<{xt2B`2Ksa=${MnK5<$_&UL3p6TLvmw}~Cm$)ej_SVHoOKok#bzh6yK=R29=bFF0W#HXf3v!o#kb~_h*JF_2pBTs&v#OuAv`}x&T zeZ;9c)7I{@pQa*Rz*E@&Bdj`Zw&i!o;1fb=DwnQ5r?84Ko{4gO(Q=!9^V;#WC)whbe z9!PVJ+FDo+x*N5I8l9im;XrnnD{g&%w6ks6u-i6-Hh4j=o_g~N35a1;LgT}fhB09R zCLw|pmfbGLWGYB|#ahuEegF8@t}6B(G)#4}ro5|dej|!T6_*KTS6NBh*y3xEOfS$f zj5z!Q%H5VY*SJEDWlitPj#fw-qcwT8DwboNtf$;<$KsN8_-v?zjcxC$H-^V%1Zq=k zC^arw$!Ow}C21HNkYW*vQ)&hnaLhx7jS= z=Z}QUp!FL*c^XC4lf-bI!1iH{Vv|zRbD}^7%%OBG(65VmBsR1L9-ZFD^s* z&(B)2P#n8BW`Dic>bB;iacUfN8Ar9K1I=FhTSj|kV3JHI=q4aZ4y-#TG`4HGb(CE9_zQdDImw-)^e~43Bd0?{Zj*@RHyX2(fVN#ha z6a?>ZJ}edzPMd?jtM}Q=eZ{*G0PH#){r7n74BdXiI-z5)j|S+-v90guX&8Cr+t`<6 zud&fF_4$fdD8yW%*7SQOLI28C8Qv_T*6^y8b@SWw_}lW(eB6fB;yBgJ|E0=mfT{#d z8;0+7wGHKU(hMH6Y7ASki{^9_&ARnB6ii`+HFuAkT8A#`c}2k6>CdK-fms4#-+D|C z;lhJ`jZW+{dFOPz)icX1=Sg#ZPG~qy6=6xhd;YJ31z!P6kl1Fhf|5E{g1H=orLO`H zMEo1VDp~W@rYJ-#v?l*r+dI3(P4{I!_k1){x@6?~duz$#a{7F=QULa=}NKJtR=8Qa^y;+yzMK*IW!rOh?cksA+8Cut1 z7|N^1Suu#}6*(;~LzD%oO?Tyg&GbAUL<*5nK1wA$nz81*F$TQfkZVbncZ~!lRigsK zC5Y8Ncwn-b09Kl(D|0qW+b9|}AScK$HJQ(UD?Ge8Ll)dgDl1ROW#3yYn~U0c@6OEA zVF-yfjl?5~gzrr7gLt=a12|Z?$B*Mg-%$$%W&vOI$B4@nx#f>7&*mki(2KZ7GYt6i zd%sRaAg%zkb7)J;fJ@Oz%w;G%Jk;q3vf~IoTtyu?7h!(zMAFa@2cmXd;(HkTp%H|J zj*dAuSPo}Sr{;7_^$F7QjvBB?<8;P97`ml_sL}Y1 zC))~3x8ta~+!3A7_L$%8R}nkm8IWYrIJCKGLm+M1iT#)Lw3+2d^26=e3x}0Wc*A!d zC(3p^NXQp8ov>E6xviXfH|~JSmYG-R5UN5{Y>epMrK`eKxin$9Knj6S?}8Weng-Ic zbj6Exx7U7_bN`>a4)>VteE0jjun<>11F&|N7iebj^BOZaI(@Kk0xg!N{!@C|mg1OU zWthgIhx=W0^swED8lnTJnY?bcwP(YJ?iy>MCC)BS?axwkd~x2Th7z$$J+rv8H1XbH z_0cxs6GOr06;+4s$N|s|^m3X$J`7MrCna%_Q7#-#Qf&llOSbeQo|h2o=j0|PPNFq$ zvTZ2e>#`#%Zmn;M4&{)b+9~IaDTeGJqaC#?_C9Cryg&MO4iyebNE(jAU9ET|)fszu z4&3yg{4kUM@}z^9`H|(+_I7;r4Fl_SlD+Osv`3m6I9tjrWLy>g($WV`iKkun~ZDOBzIM+K_ zNdzga6Cmu2=qo$Z;LUsusZT-rslz$g z`sxo9A^h6-0Q(#Be^p56s#gk&wIu^`_<;N%KvN?C?(k}eMMhuEnpGXKCJow0b=cRL zG@OVN1q#f5R})3h*2}zS47q$R&>e={9^^{1el1`*o@RA(DbgMiXf2wO{l*QGQ`ZRG zSUu_xDjCc|Co`I+PZ&Ak`9>rGngs1CS^`3tSOJ0?MpVH*60+r~(AP~W43ZHB>HWNh zHX;*|_>F>WX5aC0cp*yXwwar*?CGWoOV4=TX{W;`$l-9t13<9l(-=Iw4bnPq4UGB_ z*UcEzeyD#F^%GKHBfN>K(Dw85r(9-uD;Z`}aEx_YsE>3cKh!oQ?nv*}Pn4RV+vvIu zQ#u9-URN#f_4wn=*vFvF`K)U>DVH4jjsh0eFd_rj-BUTMeg^r^LF66XF-f#6G2}6MhHqJZa{0m3Qi?~+(0`HLhCp{^7`wP!=Q{XQ_nrI0Ar2QQ<||k? zmy^2-X;L4c@t{Aw8!KNp;Y{%~$GIqZqV_CwYcp$tH_8IpqXI{9FdYb2grTb z@x1C96!V=LhS!@~5{|I5AR>MjAITafoz5OBNrq%U|Oz;qv{ zV@YJZ9gpoKdCT0*&^B0T2t`PM<_j4kS%QWv&VFCw)kWq`dHeBk*gz3}&+}PaL*gpc zhXC9bjxg=}$9gu!tLmUU+aNLzoaPI9+B+M>#uCWJJLHGuEHtD|a^%z~#2epaR~?{S z$0;Qkyuxd|(DdxHM<8zhy)=6XAK3Od+#QD{IO&U}qhg+sdsVGh3a7>vT2;C(ci$oP zlh|W0T#9qklWUEtOmu=si(s}Y(qAu}O1Go6V!=6WAQ7Q31MCQZeMGIX!{N12aK%dz%!QDo@v_44?&Qph#3iE3HG5*GUB^F@ibSg486nq z95PW4>Ry!&;Pe=ObH=OcXuZRBA=yaspDTNNHIN-4-fgtsdbclZ$bnDd+^MhEYW=CF zWSFdR5!Tf8f`BUMAGcg5BSO44C|~)Cc|dfgd%D7ENAQcFind69#voyQr*y{1p~!UW zkA7f_{RQjBu7}w@t`;pu(vd+P{x=c0tSuOt_v5ei%S{{@IC?DG_eG^l|0RtK2fNm{ z(yidUV*FW$HM`Rnc3W+|_NrFDQn0wcc^O#L;=c@d3&?ALCcF-z3i&`8gh-SYvQ0oz z8b=@IUw@+O2AkMy=Uue-|_*b|QxT&GeaB+^r$y=YzT6 zYp@kfj=Qp(0~BZh-m7ai2OlF_lqlpLzr)oTB4#6O?{;E%Usgkc3+)|~>t{6G6fJ0A z!AO|)UuB_VzgE`huX%>@>KE12;ub*jU0SPfaJ?>X%D8 zvm}+9s!F^urm_N2>t)c-!5-LUf)-zoOq>3Rc-`s?urS*Yt1GA2(%`_6E$53&rD9vyz3-ZZW$wwi8#>~!dKqNWt# zq-Z#)B^TBl33Vf`nKmw6ch`ffMGjC>lKWy+LQ6Tky5-$2jMsQ#HM0?gR>C;@juU{# zDdQ;M4w|+O3JAf^9A8`2?!4E~$FLb^wTTSIlW_~JtwL6`cJy?O5Poctq!Pd?LHQ!J zq=QirH2yK__)dWZW~9U1)mtv~3>k@jq7Q8LW*p7N7QWhyeB=iZ9Ls-m=?i#n^ZK^w ze!#VF3i%UXP{#k=N%+#Z@e1w{fdCsQLd*hzR;&+QuiYaD3Kw38%iLA)e@I&`i=C|) zkQJ#c|7U{zZgUcPj&sg`3kb$#bEq8_Yf0o47Gvs0Rwgmhb`SqM!|Kapm>5|9aA9J@*9WJyDt#&YpFMJuy!@#0vMD}@#e&M3Ap0l$F?!IT z+(_DAR#S`Z%AZHQ%#F`!{u9D6bffW&%69B+Qdi=#MsW4`{lQxb;mb-2PF0519t$1J ztoxJmPoEtWV>TF?pBm1AuEP}1Rd2gD`mVMC;XHxjaHcrIN$2j%Uy?m^V z=Q-yoICvTSZkoEO9rD1p`}*URkQ<0Go#_8GPfL?^C`-<5FM@8ZH1Jy_dnPpVuMC7s zPAAMV;z4bF*dLvAANu3?sOUlZJo#u$W3UQ&r4~YmiBE(IiQ$qxJ5UF1V_wOq4a1iK z99idc_zZh1O`Gmyqk8=5019(LYIh?vCe1fEEgs19GU)HDEjK<`47xpU`=G*#D|_{4 z(v2NXlc(+a5yI97KNmIzCfl|5y9sMTAe}^ey3qHR z;SsJioWH6CMTZwnt1?C$V++LCFUhKc!64rWACUQ6eGnIOGDq3Xi@*|WV1D5aqaPi~#Cdn2-JjotddwEi_72s-uXVy39x=$7@oPjt znCffw-REy)+Yd?)6t_LkfelZ?B0ZWw&@jXwl9TV!Eg5ctk#;O8@t(Z`w4s|%xK{hv zc{R>83(TJYg`xW+AjDpheq(>n?8rBPEA~IjupHs?I8Nzznx<*migkR-AMBoiq~PXw zxJdoZp+_bI@2d?Shg30+1EJNcOSyJtGR zuV(UJePD*NCY*m7N|-YYJ9_Q*fgmHxt@v}ACL6Z?*n)u$EUsq?$u@zj>F??R+PKy0x- zff9QSKAKu-R#Nn%rK|#|M&k?7-Ux#2bG6;U4n0jg6uTiwy*qUz3m|!C7~(>G>h8zK zqXriTh*iIoc2o?pn~E6AoIA>b8(kyo(3}r4A%EunVyxUs8J0M8B_W0=5EFW3 zm)`B)r2O~>m50Db|H0F&DE=NbWU?voERx(OZGr^?wUVilJ4wn}1|SY<0?gWgXx|lR zgcXKC?`kAXvvQixk_t~_8J-4OFHB;7n26oAI zT8iw)evl=6VqCpgFW}4An$^%YHRvfv5+tGE!Cz-6Im4jHL)Bzgz#HB;5>wMOM3_yQw2pA|4OC8h;xdyBU^`Xlh(!xg&Wi?mLqcGp{uN z;U-AGa@0HJzIAR{Y3mcO-5XZoY@|o-eKc_4Jyl_ucYRC#RbWN4MFD{p0}ApR5vTab zB2<^Zxev1wBog*~^`+aX#`5np92F;<^&^FD@wrr{|C^AJjJ?+&?Zmqnc z+!}Yk8^X~g(kz>sn4uR*j}}GSn2@d%ie=P=Jco;dj1kTZ3Qrdvo348&*xvXr;QKNx z%3YopI6d{Ww{aCbIX_0exH!vMuI)_TuYS5gsSIdrlJP!`4QibaDWqu~U2Bm28edl* zI|yI3!{Ba}ttvYs-#Sq?fN?br$^v3|jKQh~a}gj1Ciyn3B&1bCz3A>&)=GX3&DXdy z9ui?kV(F_Hn)T#dWA48aH^(KQpa9DvLI3xCH`Cpp`|5;?<;?#>JYp|)rqkc zt5bBe_5|tyu+ge4(~c#i34+Jnb<@-RXPj>s#sl^N<8DTs;dThuhM98y@H?+7OYQR1 z0YI~Y$XR!X@M9NiJZ(pG z({$#rOYaim))&uv*5NLt40i~e9kb;OC0^vgos9GHDl~G$x8y`$RE${f#3v>IHvRV* zusx^c2lfGnI+j^+7NEIv8HyzQf1#@dnH;=q(7OMVJ=7`E57n0F%Rcy*GA|v(E1V5( z6%g9(HQAm470^y2_QoX;Sh027Q#CzKWlX^}0Bx6bGPiVo!MWJplX-0sq6%j8JZRz5 z|Bibd9JDo0TW$b_e2#{%4El9khSX(K4ToXeN}M&LF_$OJugAPqZQa=ZmduI5tg->v z#BRd3qfpKG8+K{<-yEw`lVOs0oiOQ@q_dNeuccDnCI<`Cve0U)%1yC)6Y`b`Kl_*) z74>IV`Q}p0^PZBHNFSFWuhTBp9XfeG#osz%dypBOkl60{G!j^lCY*Zg>X$=4TZg)h z^c^bn?Y(rM&)dJXE}OE%bL?H>8iGm6s84^dO|BKmu5Vq9vAwJpWpvd%j~6&UFD@hf zOL%W!|1u(r=7_>rIy!Wh4u3vYo^EbTmnZotzKYYX10zEWN{fR9=)baqknNUnV%R^k;`Ne9fwC{HsWGwN{UHa4XeFm&K$4okD~JCo0OcM6&a{f zA1otZpD>t2C%&Q-yN#+t!qU}>aYZ{lFwCLx?SdW0xY!;PI%+_bsJJxGZ8ErB zXsubv5CXac7+ju1p#}|ZUAA_)K^n0$3vnKZsmjsT-j=+6 zc&v16h(4t+;Z7!pW?WhYcB+dwA48ibT^0;DBm%dU4~6&GdKWnk*_3{9OS`QZ$%uW_ zUKs;B4}B-gmyN8dFN0Kr^%&{a2zC&G{Hs5-$hU%>&8Ny+qDEH1CSrgO1B#P?|AAqY zitzEqyr&I#{Mqwkl}oCXZ{wjNEZ4ou1V^PVP=16#KMP>f(KFP%&l>J89SC88^kmMG zIO)U>+-B(R>>oFP6sCxi4Ohd*U##wB5O4-t_w=o}^yx$lG}8D2Y}_bWiAB33`Q017 z=TWQ*7n$1j*`pXD)F&&UgEb4%H92PVH`LMtU2KDgg>l&r_}G_4nVW%_ylBc9r`l;s|osi&pMwz8sF z7u-N&KJ?;8XLfI$*z2ZRzkKP)FsK5t<9N}|B_6@r712f>R#w{iEELOxEzY`Ct8M=2 z6aK{=vy&r*n*Qc!f?Tzm^-gw;_#!b;%X-T=;(h$aO!uYK5<`;?l3;tFge1gR#Xstj zJwGBeOm%ao{&Ur2?fim6N2;C?uAMBKh_F5&m|Ax2L{3cG>w9%4ln4k2Y_(XW%(=mC z-A|2N+Oa11)37}lsO_yj;BB@y^sD)yTaDMFcICAlz%|XDnxR<5I6a%$lm5UGGhS7~R+zZs5~e4Gu)hx+(EMQc?Hj~B2x+~??sA1gQZlka6v z7h1ime*LKb!|HB}-qqx1s!KD%Dzy=OXVmRX3DgBJ=bS8j)=|TkPRRa_0wzsgBZKpY z+UsU{O<4%w+d?=S8`GPJo*~0}MzjD&+xez%g0J!194bj%H)y8~_gwxLo3&U!Obh;R zz5=$DY_oZ;`K;qR{=d4eIxMQK>k~sG3{n!(g5&@O(gR3|v=Y*-7X$%esG$*%9*~f3 zL;)F)E~PeVY@` z6saMA@1->bHLw&X6a>=c_4j2^^gYF|*|(d{`7~-3Z0)s}lJluZqXzHuToqMgNf4c* z^sLJOiBB26vqucc>AR}Rp%ZC*9*%wz=cPmnFn1AHgsXF~p_tX#rv5Qw;Z4;x+Oa3* zG53Y#)Y*tjGNb)rehzV4zQ}eeIh5FDvf_s7zIFwp4>C^Q#CcAR#MObp+|)`xh3-dTXCN zCKO>6ReMI$<6>Qrv`ngoEA%ET#VB(407f9cTVyPAv?6!7H_zQT$3ppx=O?_VP+iRW z%ja$ZVM7yNDdI9KjoMqAtCe4E;37K0D+>QR}J8yZeIjZ_K^ zzMDN?oo(JBwmn7ZRujXPB%OVqY&TteZ(3q($C4&1tygezWZ{+X) zW5%v4L0QEd5dszDt}GNsz9>xsI&Ci4*r3+GsO7S0X zo+qJW9w_z;u_k^Yy%&efufHN$KyRb=d4*2lp&JNqr)MlFC52+1uTfbor$#gUHmunU z3DMb8_K4p39`S~v4^89}B~bjiKC+x7ErXom`svs=+|vxI-J#acC&HllNWeLh8DULE zj#lK00byZ`YR%cpaQ}gIV-peH^2EBbWJG%P;>c4zhC5KV2T9ysj>L&q6Pg4bJUI6D zrkYaQ)+lyd;0zso(~_q5waL`zkD#5{!bS&j26I_!V?0X>h={;*>`Xso>fFt8z4ePV zua)?_W%2aszJfzNvrs4!5Wv-_>irF)`___NSY`^JNw~|`%kn&arBJ=c-#m*5bwpP> zz*T`p$qbBHy*emXGG4a(5Jdsbwq7qgBHQdxREfQ7$59FQ!nuMFg%#GoC|(|yj{I?t zrrmhBr!)`XGQiu`Sg6=~)c(fxJM+81$2SpCdox~RjkEWKYo&Q~79gI8`KV$yT7pPu zTbUX!*MiXCmz~GfUyztfI^)1D1rwy24Cfi}mtUY7y_Q{aC+TC2mqN~d56v!=;m;lL zTXer3dYk}-u=PB(_uG1Gl|*i!GS>&*_Un>J61WZug-+9`ksPN8*hNcY`gDE|AkGl< zV8kqUnfi@hS2UbV{Jk~P*7}E?<4c~Cb}4q2Rd0U%Er5l9TK??W=u4r=l$#|79KW_0 zRD20_=ViV|D0B>{1>{w1b=x@BLavlP!ueo{L9P# zZh=R@<$oEk6bTIZOYQ%@Qm6n2$2=eXBL%zv>i3riC;=F}lZdDDsu1AfzYd~@k5422 zW|&+crGCzsCgvdZglkZaYsu21=V_Kr+U0|G(JydVrz!&Qtb}1^{6`it4JDo2q$QRok>A zToZ7P)0GU^cF(RlKN~t{_1MJhEF6BVZ5gj|p84bH)2D~I)bJkXhP5Ky?DlZ#sYqJB zX%A`GHf#NPw>+-0c|{h@bUXkl*2+Xu2VmN_+tDKh5-mG1hexgFvad}N-GeEh$znESLqlMqd>|ssqWRYgNN^GYRgFo6A z#ll^s$|f3Q!OYCONnwErZl0&Fc+cX}G~$2qC0lAzK1g{q|2Hc+B1!KT_}kqI!0lx> zdXx3jXx>xC_PHwMcwbqullI(($YRP0{BrQ>O*WSRl1D#ZV#V?#Ka>LlNpch*sJbG z;%H!**c$83mkCXnrCz@5Y7^)BPB^by;YmI_wuCk-pPX@lTFcY?^!vp34f7+ZM(p9# z)?#m>*mB7fKsay!C^9}w2%UX?=HR=W=3qL)Phx&hYABfp2WkUxkE_!gd!1vCOrAb1 zJ2*OuOA`JHVL$Fs-5iugSGx~Nb~CfEY?+~bQZBBst+ao8`X?_m!KrFksXKQbpYKA> z=a;X^V?I*zQdW9xOsFUF8tdvN(9_XH`+1^gpUR)jQQulgeQ%J3Az9J%qj?bgK*jQV z^%G|(ZlV=8E(dgM$dfx5)8{5U=gac?WPUQ5(y$P4I)wu2-+A1&>7vYkW|h}DSeRnI z-r{@iy@E+csrxtWWumLK{dW^*uWdufiu)n0(^RZ?e)JS;h}7GTd7raa^Ojar)DlrJ zd`sfjKhu^Le@S^~qvNKis3lNu`9l~5BQqI)5w~h=o%+P)WK|41LO-19Dspz#+%UGU z@1CmD&ZFfI4nu4XGu3{_Zi4*$b5<8S~VY~YQ&lU3X8qqDM zn@f;@dNe=$B8^T&qZTT(U&c$4T@6Hz%t+KZ?#Q`qIWw+SXmfk}c3;186oYr%Gm%Pq zdV22N0Sg91NAZ$_zJ6k2`qI*p*4G;$Mz(W?ExYu5AwWge$2+PPQRCQ`Dm1)ECwbXt@p~bPK55@g#xtRfN z%yiYDlw*Mmk3XP3F41Spj3VzoXUn4o<a$r=oCQp_AT{ z`~$T2h6B$>Hvo_&5leua4^lOHR}&+4FKbHiSIZ`LR|H@;ZoACN9NkAKyaNhfnynb* zqk&q7uv0|7iS}qtFEu76{x<;M)aVx=TpE*aR3r^wk%QZG%zqQC>$j}&rhLVbAx#L!-Tms zIU)A9bqe~dV#&2HxWW)!sp>cdTx%^w&?&K;1(~n*v^$d>)Tnzx*-T?l_Grnsx2}cc zwd38l7RPM?XAA6IL=J=PGD9IyA}iLsvok-#aOjGMkn{y~Ufp8V7iRJe;*Fsb5f&Cc z+^iasa%4ovP(ttRF3g3qdlIZP?G3UVyh9?z-@bX{%I<%pDKqFL|6KB?cI}L3x-Qu; z;zjgrKBbSLVw2wH-GO#Dhx{h{&6k5iPga<=C1%(jhqXV1J)#~li&jMN0KQYPOmap! zWA!p8Qx}HyIfQ#h`ErlO=cr@g3Z8E1f>yvj7KjlCE}6$odLyl*~@ z=O33MR3MTgE#}dajykiqFXOo|kYEDi;I_M~hL85#bCW9%QfIN-u*SOdF;(2!@k%x< zYMAHA>g%pbZ0q@H>!}69AuOj}Md;)e%a*C%PUoPV)VKC}9nD$@v9Em(dEurqhg(&| zW~YFoqZV@E1&i}D28oS{3YaY^(akhBEdw>uk?I6z6I}9bI&qwszYIq!a3%S72e~~a z#)Xyol`NJ>;g93C#HR%mcwwTn3mT##R3X{obtNubds?}Sj@G6zaqvx>L9^(C1vIqa z(#8NajKU_G1LFGX`-EF$NAg8VGA#s}XFGRm!gOJ}vF@^(vFFk&L#bgTz=(##MpfWi zm?*tC%b^Sj)mt>boR%ORQXZ35q>!o6oJ?1gSl=cJYqYiCLq$@hrpxkuL_s%?e zC(98t6iGlIaj@9b88yzl%6zq-3S|3h2e=E@kBh*P=MEP#l7^8l8et>rVbPLiEnK&T z_|!ic$x!B;1yTF85#6#=P(KlEWaWQ;K&n zu@xY?yCTL(GZm=&-0nmQJ`P$NL@fE$Z= zV^M!9+PyVaKWiG2MI60zT$PP=q8y$r63g;ubN{$TI7{$MVAYTzQYzU>qApN-raWop z0vWas*nkX(v}lu!=tNQ@&fHPvr)LiS`jVk zA?$v!yoa>li`7i9}m~NWdY9l*NLQV0S5yn=GaxGV{8TT={9+Duz z_>|%|#H|jVMX(oQI0LUADy?!UJ?m%gO+tB7Cd+eoV~7$XIE{$v-DS{lu#h+Dw(hn> za6-&9;hqvqHi8jGMH`ghKAUpkRb|@Dwvf?=a^7cC$s$2baT?9lX>b&Ti+a1E#B!N- z*V`5(P<~bY)S>-gQ-K$4m`0S4Am|MIS!xEZEsxy?SFE^_`oZ2+R=SeD1u1caPrKsa zfQz{?7-Zzuo$B!Z`9@i7tW1CVi-1}e6x$}lRc&_=;#wl&AmgS>Z0bvNZvwz93jEs9 zT%dsO0{4;v*q6@`8X?U@12K-cdMR8~?W#9buz2H&j%PFA|F8x}O%A63USvEHEFE3H zt7o7)DBdYRQTf3MYOE%kn$V(+fG&&JnskXUF@86g`ArneCQed=CQak_G2 znN=wC#rr#(&ly(kkQ&aFr;%d&NKOY`yXX%0@r`sZacZrDZ)cNvM#dIP5+w8#s=pH? zc4bPr;*=UWtMXue5=Iw zjUZuWK9y|*IkCEkh=^zHec*3>H@kP%e_)rqf)65WW0z;%wyp(1dEEFRvZV!jMFa$N z%t4@Vd77J9$P)z5?7^%Usy7ric*?TQ+Ajt_d5+dQlF*r4Utd=#-^p6L`qR&=88vHx zP>r5PXM4%pP#*K0`(cMRY5{Ovi-OA7F&*jNinK15F=)cg!kDbUxMd9 zS|Z~+U^(uHFm9dosNX@~-AE{M-;qPFThJ}1J_HskH5?!(s(W(lfn@Wp&jJ~`7H2O( z08~Jp*{b+Xf&Uww{uWO%MFUYHrL*Zn&HoXTJ72`)u+z7P{}LYpa0eyk24dL|7Q=_M zzcBwFvmjZ3Ky`8kSK9oW=D$b&@gFa6??>0e@n0tMAF~8)s&M4jx}$1cEIez={{WIq z&^`{R_sswta22^K62dRK!3lJVrVX;~YjtH%Paz8`0kR`8#1 zZBK(fzIFN)wIpyuNBNlC_?dCBM(8d9&oq4gZv;a8~ltF6y z8wH#NJ;;gie^BQD{I{?SF{ZNKl{mCEC2ui From 490ff7156cde7b5d468d06cf1e60015075219262 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 17 Dec 2024 11:37:07 +0200 Subject: [PATCH 52/63] Update storage-class-configurations.md Replaced the overview for Kubernetes Storage Integration with WEKA: WekaFS and NFS Transport Modes. Now, we need to update the procedure steps accordingly. --- docs/storage-class-configurations.md | 23 ++++++++++++++++------- 1 file changed, 16 insertions(+), 7 deletions(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 909955e20..3a888707a 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -113,12 +113,24 @@ All values in the secret data file must be in base64-encoded format.
KeyDescriptionComments
usernameThe user name for API access to the WEKA cluster.

To run the CSI Plugin in a non-default organization, OrgAdmin permission is required. In other cases, ClusterAdmin permission is required.

It is recommended that you create a separate user for the CSI Plugin. See https://docs.weka.io/operation-guide/user-management/.

passwordThe user password for API access to the WEKA cluster.
organizationThe WEKA organization name for the user.
For a single organization, use Root.		You can use multiple secrets to access multiple organizations, which are specified in different storage classes.
schemeThe URL scheme that is used for communicating with the WEKA cluster API.http or https can be used. The user must ensure that the Weka cluster was configured to use the same connection scheme.
endpoints

Comma-separated list of endpoints consisting of IP address and port. For example,

172.31.15.113:14000,172.31.12.91:14000

For redundancy, specify the management IP addresses of at least 2 backend servers.
localContainerNameWEKA client container name for the client connected to the relevant WEKA cluster.
Only required when connecting a K8s worker node to multiple WEKA clusters.
For a single cluster, do not set this parameter.

All local container names relevant to a specific WEKA cluster must be the same across all k8s worker nodes.

For details, see Connect k8s worker nodes to multiple WEKA clusters

autoUpdateEndpointsSpecify whether the WEKA CSI Plugin performs automatic periodic updates of API endpoints (true or false).

In cloud-based clusters with automatic scaling and healing, the IP addresses of management containers can change over time. To prevent losing API connectivity, the plugin can automatically retrieve all management container IP addresses from the cluster at login.

If using an external load balancer, set this option to false.

nfsTargetIpsA comma-separated list of IP addresses to use when publishing volumes over NFS.Normally, the system automatically retrieves IP addresses from the interface group defined on the WEKA cluster, leaving this parameter empty. However, if no Virtual IP addresses are set on the interface group (for example, in cloud environments), manually provide the IP addresses in this parameter.
caCertificatecustom CA certificate used to generate the HTTPS certificate for the WEKA cluster. The certificate must be in PEM format and Base64-encoded. As of WEKA version 4.3.0, HTTPS communication is mandatory. To ensure a secure connection without bypassing certificate checks, it's recommended to provide the certificate file within a secret.
-## Connect K8s worker nodes to multiple WEKA clusters +## Kubernetes storage integration with WEKA: WekaFS and NFS transport modes -A single K8s worker node can be connected to multiple WEKA clusters (maximum 7 clusters) simultaneously. +The architecture diagram illustrates two Kubernetes (k8s) worker nodes connected to a WEKA cluster via different data transport mechanisms. The first node uses the WEKA CSI Plugin with seven WEKA clients, communicating through WekaFS. The second node uses a kernel NFS driver to connect to the WEKA cluster via an NFS protocol server (gateway). - -k8s worker nodes connected to multiple WEKA clusters +When the WEKA CSI Plugin uses a WEKA client, WekaFS is the data transport. If the WEKA driver cannot be installed, the CSI Plugin switches to NFS failback mode. In this mode, the CSI Plugin retains its functionality but uses NFS for data transport. + +This approach allows multiple Kubernetes worker nodes to access the same WEKA storage cluster, even when using different transport modes. It ensures flexibility, supporting environments where WekaFS is not feasible. + +>**Note**: +>NFS has limitations, such as .snapshots not being supported with Ganesha, which blocks snapshot-backed volumes and creating volumes from snapshots. + + +Kubernetes storage integration with WEKA: WekaFS and NFS transport modes + +#### Prerequisites +For NFS transport, the WEKA cluster must support NFS. Refer to the documentation at [Additional protocol containers](https://docs.weka.io/additional-protocols/additional-protocols-overview). +>**Note**: +>Filesystem names used for k8s (defined in the storage classes) must be unique across all clusters. #### Procedure @@ -127,9 +139,6 @@ k8s worker nodes connected to multiple WEKA clusters 2. Create secret data files for each WEKA cluster. In the `localContainerName` set the relevant client container name. For example, for client 1 set the name of the client container connected to cluster 1. 3. Configure storage classes using the relevant secret data file. ->**Note**: ->Filesystem names used for k8s (defined in the storage classes) must be unique across all clusters. - **Related topic** [Mount filesystems from multiple clusters on a single client](https://docs.weka.io/weka-filesystems-and-object-stores/mounting-filesystems/mount-filesystems-from-multiple-clusters-on-a-single-client) From 65699f8f41529c71ed6a97185c7e7c0c0c560653 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 17 Dec 2024 11:38:47 +0200 Subject: [PATCH 53/63] Rename CSI-k8s-wekafs-nfs.png to csi-k8s-wekafs-nfs.png --- ...SI-k8s-wekafs-nfs.png => csi-k8s-wekafs-nfs.png} | Bin 1 file changed, 0 insertions(+), 0 deletions(-) rename docs/csi-images/{ CSI-k8s-wekafs-nfs.png => csi-k8s-wekafs-nfs.png} (100%) diff --git a/docs/csi-images/ CSI-k8s-wekafs-nfs.png b/docs/csi-images/csi-k8s-wekafs-nfs.png similarity index 100% rename from docs/csi-images/ CSI-k8s-wekafs-nfs.png rename to docs/csi-images/csi-k8s-wekafs-nfs.png From 94f36fe73ff6203a000db199ef54b80c9d9297f2 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 17 Dec 2024 11:41:14 +0200 Subject: [PATCH 54/63] Update storage-class-configurations.md edited the link to the image --- docs/storage-class-configurations.md | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 3a888707a..287b9435d 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -124,7 +124,7 @@ This approach allows multiple Kubernetes worker nodes to access the same WEKA st >**Note**: >NFS has limitations, such as .snapshots not being supported with Ganesha, which blocks snapshot-backed volumes and creating volumes from snapshots. - + Kubernetes storage integration with WEKA: WekaFS and NFS transport modes #### Prerequisites @@ -139,10 +139,6 @@ For NFS transport, the WEKA cluster must support NFS. Refer to the documentation 2. Create secret data files for each WEKA cluster. In the `localContainerName` set the relevant client container name. For example, for client 1 set the name of the client container connected to cluster 1. 3. Configure storage classes using the relevant secret data file. -**Related topic** - -[Mount filesystems from multiple clusters on a single client](https://docs.weka.io/weka-filesystems-and-object-stores/mounting-filesystems/mount-filesystems-from-multiple-clusters-on-a-single-client) - ## Configure directory-backed StorageClass 1. Create a directory-backed storage class yaml file (see the following example). From 0eefc5bdcc55dd01b54572abf80f3c9075700730 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 17 Dec 2024 11:44:25 +0200 Subject: [PATCH 55/63] Replace the image --- docs/csi-images/csi-k8s-wekafs-nfs.png | Bin 85721 -> 87480 bytes 1 file changed, 0 insertions(+), 0 deletions(-) diff --git a/docs/csi-images/csi-k8s-wekafs-nfs.png b/docs/csi-images/csi-k8s-wekafs-nfs.png index 0517beaab7898c604d63365f28dbd6e8ce57844b..bf2b8d7f1fd351cd1a7a618b8965302ed86a9a10 100644 GIT binary patch literal 87480 zcmd43RajiX(l!di0D}Z~cY?bFcMt9sB*8*(cMT960u1i%F2Oyx2Y1)t7T^rYx4(b? z=l0y3i}kEEOS-G8tE;Qts+urmMd>$)1c*>jP;X>qBvhfG0AR?G1cHOyp)uzpf}Efo zRi(wCD#nNoAU`BNY0H|ue-A|uxduT&hgd=ZUtfV71dsy?3MLC03I=k9e!Z6k_|H=S zI1A=~uajP1q{LKFb+RF39 z_x$6-duL}2XF*c2K&jAhf6m8rpwOSb%P$A&LL}`S)Qc zJ>;eowj!Ov|9S8A0iHrK%zw8D0;oue;Efb@(*+~^U!8#h=^X#756HJwk9+^jBv}r2c0dL z-Gy!~W=g5_+AKFnJD)!he`KChO%D6tnCt@mG)&G4P<}GJwg`n*C2lJLueKZUe|YiQ zkvcjW97lyGv5BB>*7+f`4?l@{mOi{7JXjZ)3YH$2NCYd()(TDd13eiXbG8A zwZHb^`2tt+2rWJ?PVCE4Lq5m2K)i0FjlrG~V5MU(!_#7WFc!KcT2ZXZPx6@9bs0VD zsMdVEpmEhh{sfBa^PIv?^LCs(mee`QNFb_E(Q__y>+fziTdVmSV+As*`;8FNq7NND z#?y1NArxI@FqA*MA6@wN(j4D%aKsBe-7zwgchUzR{QXoMMv+5!DU6Ngy^P#!@eqvPMOu|4-cQ%Rocge}iVP}6q?*xz zR?yI~Mst9{>M{T_rKX4H?WsoT{8&1F>0wq+s9iS#Z4pCzO>OP0_oq*v$WVgr(p^`x z)A?Oh8*Nr*a6E?-nPA4R-!yEAj&xS-?(UZCyI<~3ey(gQ0O3*H^6a$Y{0nyRc1BH!4zSeb=}LV*Iy{^^K;juOH8tf_eONM` z?y_ikHNr8D*05K-8Pww6kBmThEs2YG0R0=QRcFWJ>5o|y zwK^*fOvWthiM5CbWJy~>ZflvHogFKlBj1u#(zDd=H2Fbt9d)3@ZgqTc@crn(Vr9_za{_v{dKjv zmVu5l*@UKdpi?9vkEUe|$`{!75vn7q#D{?1POK&l|64Z9@*(Kmx6zGq>hAl5@~Pg8 z_P?t?iW_&w!DXI)&Qfhw0fC+n1kvO02`Py=DV&z=2Z~+MoB+^T6V!&i4}73@;3P?sw=<;;7}-2@L%h_~3Mh!v{o!mi_wAO;mR}_H)9$ zvefuUGlZY6rrSBjc*WaZic+uFy&3&`DY3!#SLZn^A+4?}&Pma@!w)KvrPUpMeSJcS zswF-?=Y6=dQx`e&zaZ<}%0BBnOP(=C`TX(b%32BZt^xe+RVRk!Mo#O zwz6b{%k@-$_Jbi6d`*=|&w$=lJ3fb5QIkv)8Txarn|-B);4`gu)j9(c)3rZIqtz_E z^36AF1~1oD_d?VcI*{f7=8OLw3v}cTahr(yLqG3nWyf<%_r{!_?e%C1mprYC7K68_ z*o1Q(=4A*hcKgqGTCLni8B_DtSRs-?;uM%-gQ6y^~0tHUQtvrq#GOqXbET31HZ=JDOVBw9yj+ zAGf&!5Fdb(`W7bfC^GMkT|Tv*4-fs3m`+lGlM;a@f;x}>&0_9Wms9n&>TF=m@X(Mt z0c+9Qr9rgMGG8Ebb#b z0y9kfZkN;zwbJeR!63wVRi)jBU3Ym{TB&(v6HOxM)q1(nvk7*dhxsI}D-vkgErxL> ze5U@k-*)Ib9lh{jeeDG24bOKYXxI{<`fiTFs znA))L@6~ddv_%B7ewYEEC<75_&|Wz3!p}Nh4C^Nk-QbXz0v-znh{X^hQ2U8r#5)6A z_tYJXFf1ctS(AZCE*4R&;I3L`XrIqwff^(r^3c9mN@=UQG-q3^tsDf(3hRALGAdnq zw>9ruI+{W$Xi;>djNdg|`CH`%*Q#Q=e%wZ|NV}*bxru-Ln>PDq6;hZ{N+o&&EoWKY zX-@ZNZAnLyln?Q+C&?5dFdij6%v%|Hw?7;*Xq>+1S;_kb$QJXQ7mTUiC%Bb?H_4+W zk;zKdMdJc8cpGCwX>`zR(^L9Ziza@94{ZK4jN^=YP-(+c(OO=(Np6{_ObpErEcX~| zd0|Mdo^*=QFr5*@#1NUFW%Vx$uYmi&g51L-!BuWtPqdaJ8LloQ^G-CkO8fb^c3hnZ z%-HL1L$P1e!^9VRx?rBEabGn*1I;;eDyDYJ6KAy1=?~LhZ8}iGcfE;oCB;%DYC91P zQS@gm@3<`Le9#!W07LLAlKcU%P$^x@^`DcXHQKQpi>s%>didi;*}fd64FSO2=gI+RRu9ZD??Vbv6OE9$xLy4%OT76 zau_E?bnS2G7Ceh6PijE3sacKoS1W}85RS{D>Gb=<%R^F*(nK){k4@ST@)j;|UrQVp zgEUdSn0Mm6soQ>b2!QX1PuODfpfIx{E*m*$G?l0HNSf3;uVTawuB+SeO)n95S+tplf4m|&{)NLDZcuSGx2%S~g4#t7~* zP8U-!3V7LQFiYR(xO#w|N3s<_n>a&PDxbH-2u6Gh5ACbp&%KpFjRg(Brtj#57|9~eK<#=-CTsUbQ6?IlhdeN6 zUQG*{q%LJ(?i>7T{_;#ym2zBvO`P;Wa~w{Xt&iFGidCI)Dt+KCF#6m!8eSHP8wT_= z3_+kI&ru2nPHz=AyyK@j1ymbbMp&e5Ae2!WTLvp{aBKmJOFzf=39+R7%6@xkqN6SN zAS}&(Z6FfC&lD|V*3Tw!%4|jy#*xVVJ3|bW>Z;;SevP=_uWJ%J$x(XIrv%FkBaH`R z$gP4Ahi&F2IfY7G#-+p#cLH~AAS)$D^TzGnKs0IPMPQetjx}T6MHf9W5Ot&oMO&pO zj2YBucyeHFrd8I^MP+)8Y<_O{J^)G<8jx2@Cf2XS+NF$O;G+ZK5&fjSt9DijgwLg`IjAq|Gc*&d4Wz-FqU&0a48vLY<7yYcEfv z)yxGL>{ZaTqHa)&2rZGFOH)??}8B}8l;DIa!340qz1|i(VfKikA2_U&36r- zwWD)Wkg}AWDM*+D$r6I=Tz#Tle-=1+a?eOBh8Bj)ZIedAT3Vp5+$=Pq%OdszX8J^*UoD! zsv1x=k&=e!L{b79PL~*(MSmuvWfCGK#Ea9U}p!CF6*^NO*OM zdqgs_D_SVY$kdPhQiN@I<%7^@rT0a*h>2~j*yR>v5qIl+aLg8N@O=YFXMXa;UyhBP zFyVS6T2t-FKO$#2vhqr-pXf^7x=j}8Pj$|sA```qThxJC{COv|nnb&8fh&p=_2a@X z`pql>!#r-ctVm{0vtOlI@c;%P*n(&4Z;zbjM6arQRq;i#UqbgJTO4j-QsDW%wO=Ow zu*&4NV=pEA8lR$Rsr5dkf;@vd&)-_pezIS{KSG12-wltkddn-A!=ifn9JvCfW3-?6 zoHav|5UuPc7~eP;HNt zRvjXJifq&-0+>b6twd~q4xdqI%ZON0`~DSK#BZ*`K(oVZTYWa}DuRK``39?>%rVO4%*A-b0q-gDX|&rSR|=8pI#1>d`sYjaDrQ}i9%s&@ob9JS?58bOlo9;!t-%QT z8q9P&y15W4k04!Vt3C9+MpDD#diD` zr9}3XEPCUK39Vs!#PCXZ`~BRCCh!`AvPpuzSnczDCYDJL!S(BnNURx~vsdN{5NfQp zE`l@mT-0Wsx(rY)rV%aVQ};{YMGmTqYEcY1`HXj;tsuZLS2(@@x#&5iJ`;C2h{=(N z{3pL+OK2yyp+HtHs<(7oB&nN)Ltsnn7#Qcte@OLh+pS%bNHDZJn@_(HPP9j73EuP~ zv63nA!zwb5Q2-n34dy}5wPX^!2HTY^VU-Dru_1n7`Z@P*c#^o1bP4jL}p3_61PYQG#<>qDNY^SF`0 zlosA#B*mlpWabPTjMa7f+wm*=$~P7)2(6d}SJWuHeb5Ey^_r;1|;hQfD=F-w%y$ zIHfC0mY26!T9va};SBzIEt6}Sny+f3>D^~X!y-0yxhMgdn?(t|L&Pwsy8-bKhGbTD z)8>Mp0;ae5`Kj_h_ewVzOC2`%;vzr&c_$;d_;CXNiM{xPG);zrgs6aI7CwfF`zr|R zjOBlUNJ{*+B=0>x!~P{~-_^pO9;c#h3-b@@I?-eMnUaOqqj?RZYQ>_8g85cXoWaWo zfJtdc=liDg)Qb{OLH0dS4!U&}5d}|nL7Fy~wjt8=y94j3ueJ(Q4;Sep6;Dz{pZN3D z2x&6jIDTY#i{Wyi4-qm9Qh#5 zB7H%fX*d?a3V-;6i=0|-t!#!2XQ?T52Si%4n8}p;zefMijonQv%J^I6oFs@3{Fm6p&~w*)Z7Uw*Ug?s{s>oErq^`ZJ4sWvY1C{$Qp= z7BN2$SeOVA5DtjQI(<#ut_c&Nc1+~I)tI_?|EbJWN3K>Yal&k_5qYi}S;JaNS5Q%2 zU6&*b{dy8k({7D3Q0rhA?B=4F`<%{ErCZ}sJr)%!;d7|!`;UVKXdN4Y}bR#fr0=AIa1;CbBI4MgIn zNetr_X#jRf)n9C3nG8Ra;0>Q?B}|OLB&b)6b~Am4N7x=Tw5A{1_-sbtdNHS*2ldru z`jmaKyY%VZ$jHqZIGZY^Z7E-+w4m5T79T;xof#sQ8I(}$2v1jiM{);`8u?c+rI;ti z>GGxI!lfjlFYKx!$)vRdQSQRn47%^C)2$2trGOnGcf z=ZE{RB&j(wEkA5``h*~PU)^_8TB!)dXhc*!PA3gpjz64;F;G&zr7NK%LpF03*iMoM zRz<$)ztGd<8_>LqK2`;ln(|`|uhSUm5r$i=Qn{ANBlNo*37ILPVoi%B7Py%9-9ame zgj^5iB~I{T^jsRv?=(Wx@(eq`j;GE=PZC>AM-1tgMip=>?3|Kr_o92_ot1G^Iwk+1 zD6BNSB_E-oPe()0L&I=h`!S*o*^yO)ZSv4*q!m6^F|+Y&(7`x_`I!J^*8y9PtDSF) z)q9}ybR`%Y8vejWS5H}AHdx`e2pQ`60hSE_Z-p41etrT(3rv_C8r^X^`1#ISHu(_j z?mSKMKhX`G&d)j~@4_|we6-aRhLfXkh;HcG91Hg?h~@YrKG_+-hkIRJUr^Rrcq4cZ zlt_8=U*xo!({Q9{e;;0TXEnU|!3SAwngilK%_2s^KRUr(KJx{&!VQ#OBc^p?mUQ;+ zJ_u&XT)4^TrC)8P#{v*j`oDZxC=%lO9MdDTArXO(&MW(>-Bcu@zB>q&qPMZthBkJ~ ze;=d5IkM@|)O;h>S!`hgSPVG1Utr|Ci$(3w?h3yMm-@(%?y|wQLZ)|nIV5bgLb|1U zME<9SX*a=!6D&WWh1TF;xWF@3sWf^oGng3pq&S0)`v!n)^eq|vt4};OsY5+no;nqz zU)eyY2pr+Pc-M9I{Ve(7d~{C6J9Lx_QJl&74CwblohPY%hf33Tby)_jm{g)@pb$S9 z)}Cz2aclCbXz$W5^9Qt64eSIMf%YQ`mC`Fw@}@f%oQH#jS5E7gw2LHLT7Q}^TLlO@ zn8GzLErln}^_%n4a@`(8*3jKQM-jq&U*eE$H<;j>_?b zYm?=A?t$NirO>}DYbcVA@++v};xJf#990cd=3$)VIb|+{(J1vWZ3&bPZK#Dtdw}vy zef1he(2AIVE>*tkUle@BV3mhu)Da@6!GerKo()@+j?uFDhR19$8{3%d2W+dbi-RP* zi8cOP6fW*{si;3f>%b^lEDdX}wLpk}f@pG&=nsixk^9A3c!EU8y)iLan_v-9$i%dw zf96*|>0C6`N1XazlVLXH0vX=11@kotk zdYrQ$dXYm4#?UBphAXhm3@zQ+B=O>qEw#pCcBq++EPBq32fGyh##C9lB9vtVG3jOLdp0#GM=y&S5;Wzch zq>{*K)bgFvR+B&<=b;9d6J?V1Z+_g<8TtgpqojPz^UPcyK*GJyzfXm9RQu818Eb zj;sZAY>I0WW0=A;(xv>oQzA7JEU2&Wlns7n#7Z*;-9WrLE)_8oubSN8b( z`O(OOoyu=T{2XCP(L)Gz&`Wz~=lIQ)ziXMizEfSX(Xzwv70|<`p;E4GN291L?b12T z(ltBHbuv=B17RLhkuGOrW3-b$@CxY3@?>vu-fxLLIN002ImoYYo1Mep(@z@}4%W6( z*rtalhH6P8ma}c^%9Z^{agzWG9T_~_F7)3 z92+g1z7GoP(4S?EDGLbB98P}we95%BYxeS8Thg>I{igzDgO?Lj55lH)cdrWrN7ikJ zON`L-DM+6FGC>sW!odAorZKFjk8PB%9#P`=Y|Y!Zp03bGF%FOX^*40sN(Py)d#DIn zC^jG~bunGpjyOx}<@S#cHxzwtX7s2UlG(n_n5nDiL}_nBBML*Zix9^X+UQ3fdui~g zXbS=yW_HBEC9W6W`0xh}RU0$t^f{jR3ZnGk{`lh71Vt}7-NZO6pV~5TeoC?&lycYR zbjTV*-Y++vx8GYZqBetpn*XKG64Bq92&P4r_3Vd>d=_CPKlrnk3SVsd=){-UXo*&J z6nK)j*5>BNggFcYC+G%eK#^-mg*W2V6Oc?=T7Ko3DJT-XvIy4w-Mj;O>qy9vg?gFz zPV@H$SU$lYJ9f^7DgQZr>MctuQo`RX2N7g+s4aM0$sg~LQJw3r!FGbTlIY%}DD&C6 zPI8$F*OTM+P<>0aDAT1Qpi?szk}UmV#`+PCeaV2E9kba&bsv=3T-05X>@&A);aFE+ zGW^kvI!gB+M5MrdPqAQxXO5o9QNa+IW_o(l4UrUono_ZCc{C%S7+4j=9pL8-?CdNL ztZ6E4a2s`~(Kg4xS<+oapnx+?J5n0gn2R=|ca||-A*T#XhTd_0tE~x(_h?kQ_fXwj z=IH)?DBBuMDECTj55d`>zAfNe&OVutx*!G%M34hIyTs>%={ROPICEgE;BE0y+YLmh z;U0nv(r$N&vT-{YReijoRV7Ud&i6m?Z+1x>LU|x%_9=NA%49O}=2%qwe7$%X1Nfy| zlaoX>Ulra?!r_2KEdJ`Q^?gQ8PkQ?RKUiSZH^ZJO;Zo?mEiqeoDpb8++8Ti>M8h~y zz8x*u4x&Iwry%vj>Yf;Bc-GVhM*TeeRgOTCrUG=^=11qR$~Z&4n(m(yV={y}`E$Zi z4Q}Xf%H64gxC#|1UxUDCz#M-lCc{7IGR4f6hv3AE zi)k**%x6#;_sKV`r?T3oY6Zf^ap6y9v%ll+NO_cQi5u|z9@E$`9)s-TkR%d31x#hC zAwGcJJ`&Q&`{SB!IlrYyHTP6$OfI}*5gtqhdazj2vY%cy!=0DiK1g)0i0ugTU?K>? z(s31Tpf!MIObd_objpZ^U<$WZ;5>4T)|Hn&3B%S<#7v-Two^o zgj|pr22@*Yb|zREG32-5<4|I{8U|a!o&Z;dhf4+?lHd7DdgV2guXULhgq)9|({%_` zE`dT(%vMO&z_%zEJ(0(og;@OC=m2ng{QM_nN;3@6E4!I_1`h48v@=wkoyjK5Wc=+f zHmu*1sz14t&P@X^7Xz6_o%es9hBD(P_Z%FmX$fVE*=BAPN%QLarj=8RMhw(`Xi987 ziMq%_etB-C^v7;vX1LSU(TSd`N#G;GHYJ3ZB(DpqT0{h2>cYe&q;CsnLsRBR#)MoT zFw)(lPIhbBV+yN0U?2kJcY7RVa2E%^?KO)bjmt>h5Rcsvkd|HOaHGMydmp-woQm!f8` zQ%3ls)s0KojeE=uvI(oI=h&$g6Z%vbFh-b?+t5%=JQJN>2@jt(1S9Ec>i3x2s6F{~ zoh*4MQ%7MK>06(tjjmd@{pcj4gcfYze7pk%|LDLw24;LGU1Vo_EyJx+w(zn^vq$kyPNwy zmf1RctWGC@%t%7SEC~Hgb7N$uG0k`3YQi@R&@F;wCalY%cQ*rZo%Dpj+c%JDKDJBC zV>3d6e~`N~(i_B!xk)aTyn^FLo>Nt)g5HpTst!U|cEMKrJfe4*fj`3Zi99;3EZNZH zuUS_W4b_lfFBgT~BNH>+)p{8S^>lGxDi6AHKp=hO-KiD7;$kVN?u(o#^Z#&0L@&W- z1dYm-Qw#qI9y}a)tWAvMh4)Z4-`lds_%rB5!8_t?Fk=??yoIs0lrJyfQXUN$@ao6l zq2GVOhfd>!F0kFQ`79Sc|IqKgr5!8o>c~YnyZ?nq{hR4P!FlrLMD7eU^3LYj3# z6wgE^Il59tyv}z{&*&-b`=J-%#amU_(b(@Ua{dq*u9%iC%gql~MBdao7cTrH(7cc* z_^UuD$dw0?Gx!SFRKLg6 z@7(nGU<~`kY&Js%dZtX0^5uTBiNz!#uiVR}nN7s@Pq{7XWo(?~Oj~58g@197?TBC* z=|Y?{3kzN%rkzGm-|eGN{Dm@DFkrN+@fPqB>4 zQO&@eRD0dL=B(P3ckwT6@CV4q{*4*R(iA!jt-lHtfGTl*r%M{1S2={gVbvN89>!Vc zvsjVK>nj!-;Fir-TS!L-EdQ`1eqRT(bW~z(qeRX!WRIGH5KXKJP>-KGE6XA|@iHN@ zgsq~IqeM2tc;iy{<6ADCmURGXT`rJCpO~yjNSOu2i2009I5R(%Zs_L&TbX`^fi>Q6 z=b`7@BhrmtB(yeTL3VYLbU4jz;$+c2_{4}GZq#pz_Y4!A0`4d}pWs4U>etr-0^(f| z{^kWr5JDeUl0 z%6&RwL}wKo_fZTHQMl9UJ&NkjIvjrCM8NcwM(Zq!6vxs2K|*4UTuw_Q#9(&z^fH~} zpCGd?EL%li?c$SBha;TlG#&2acraIOcgY&7L$hHMi)C&5CiO5qALc=us2b2^JT<~5g?=Th+}zmgmkgs`>7wd7rp>H3DquKJ**N< zB!l{)`wn@(_p5jr>Nm-E>JcIzxJLQ)3BJmd;1EA`S18%*P;;%HI72ul1=*G(gY>_U zLs@Pl8eo@6TV}lRnO|3K!>p{^NWwS`Sgf-7WSF3i-Ymk}b!@rW5E-`YA{0;b?ZB?s zo{b;pt2|}XtVN3NcM%E}s<`p$jd8eD4BKuv0bVPNh@EOLF*K)l8?4%nmGc-WcBv7YK!CR-mN01ATCsqOkx0;^6g zFm1!ZU!ns;yJ!icEP-AAY!ioHcCMZdRcXBFtgumXN$`%BZ?=W#_f~Q!^)seeHZ?fF z127@%7Jx^aX(5h4!Z0T5rX#;nlr*I%C%Y&VOFFzo*(9EiU*|sXfcxtIKw~cM-8ngL z6A-;Q6X+CL9!W#sfHkZxPWyWE(b@Gxfw>9#uTKnwP6df1d2wW}Vp^YxBYlo7cj1p+A-pXO_9km%YiGR6yq{K0{3;n7$xL(?m zA`{|XRc}KiuoMb}zT&z|)%x%&BJ%ZOXqEGPs~t|NB^_H=9_f!I)IqKFmiJxh8sBks zps;hgp*DZX|Am77cJImZPMAZjqZbk9nJQt2hxX1NfB1c?$v`ps3ApRe@Hj#BOm({| zw~{&fMl_)u%o4i=$}(cTX)Y;I_*dnzSwC4|Wyqh2H-Ph#e$9B{>QodN>ho-|m%~=V z%HC9-tG!_V3Cv6))l-2QuwoB;4GTxdTO`F<@nEjj_l7F5l=4-|P_nHM^JZQuE9d}A zA0`==aU>gs)5i{H=TZ?Bk}fwihJ51~2Fr#g%2>8n(;;_P2^0+0BR>ZCH}@Wh@CE^- zr5=huT@q zUjH{GGHc}*q(&-jJI^2N&fw^ZfubT1q_#jxtfB#}Q}arM#v`+aBvl6TjFZxpS9V3$w1eTqO&p(?|!Ug4BPJNWQ zMdpjl4|M?{T9AhB7kcTUhSD~aRDLY@t-p%XZL2LAb)1k*6=Si=o@gj0hk!t(c`>aG z4_Z0{8A&ObuGwgx2Ucvft}c!L)M9YXdr72Ds&&IQl(f~z2>qa7EPX9wE)4cT_}qIH z_b<*E4l>ef`QW*)o}xzW*5c{Ejb2e4%~jg~kz; zl?md7+IpjiDtN1OSI5En9TcN_V~kCHqK9c8W0x^SOKIeX0PQC<2|qrGQbd;hreAI5 zHzOL@2IVwG@nBi_zqSraD8V7Zfoj!vdR|KiMsTF=mCD3>p`BbgTm0~*OgMnuUdT@gs6YQM9uA9eY|U#})xfq1qQ7)u|V zz;cRtMi9wI9yqnIt{Om=g&yOp^13flLW#K&*_yA}+mLYC8b$vM(%58*znx-k*p})X zdTuzs=e*zT|DJi0B=g)>NSs1xW_J*L;+z-NS zAMRb%g7yAb4I!S~>VKCncOyjbj{j$3)}dSU_48?ECW@aVyDTF7-gu-c#n`x$o}k^A zTy?i;SEVJG;fiPKdMf>V{4k=ei=nM=%CpC>$(AzSp9uP0F`1NK#7fj{j5~1#+(K~9 z3t1H^qAGG(oQ+}{wZ+erADuT11&VftLaZ1m&h1rhfHKk9Pmk|B5u?V#(w_PYHi=?} zmxCnEh`>-X&9#_s6rCpM=DQEzm)=CQW#{!k&kk6(caIjA9EHmI@Lj<^w2B2#TP>?2 zPs-rc9kaZNa`PQE*VAy#IMjH3lE2j@>mcZfl8P^?2Vd=*XE?|C;t`5B9b7D)*ZEXS zf54^F!ZD81@&uOJum)*|_0SW|t%2?pnku%pM#f0K_bE_jGL0<>DDWp#a%+oro2Ra# zhJbO6ih!<-#d$v1N#&_;yVE7%@v9k=y0&vJ1$W+tax3qPQ_=&DZ}@ zx_99SOtWZ667&>!wkP*)tJ9uTx$f-7bxE&y$CUKoDu=3_sW(U?8wYyzw=Jqn7c^u@ z22e(FPP`6#W+ZPw*q}|}ReGb$&t*kp61YkB>iyQW87ymw#0^oXwoz z4rC@s5HHtZk^N^a*N2J7&!q~u%2e=aSf45>a6Iv^p{GLeNO2@#tI-^#uX$)@Oc4$Q z@JHec%SbO>s>I#_;aL*~!zJG>qYCn$#5in|q%kks-fa@izl$H+_~KqfD~kpcBUg5W z`zl9w9v}h)X6enOmlLoM#Y#S+YE4+Vw1zXK$Up;2g&E4WLTleyQ@=adff;%a*U+`Z zK8+~d!TXF3-6E#!vR3yattr5?l~U!M-v4sy zruh?g6G(P98|06+Z)PqehQW!gxu(q39Tl6<*;gDNz>JqDnXcnN|2LM#3f`EAHE%%g zJaku1LY8FAd?|^ErU_SQwnI7XRdbw~v{1vvVz?zRx~+0j}$6re1q+;~0ZZK-lG&t;x?l zsMV(~`|lIM(O7n^ALWGtZvT+KH zK0DqzJj|dgb(h4bOUDi5yAZD9y-}%hnICpv!YIaw@BUmkYGeGK5AmW`28$8Y5a!vJ z@pA@5dN^3?wl7(vQ2n#5FaYz5Lf#@cCm*HGPTqwS`)LGs!xq84*$QM{U-tU>z^?mq z&(HLT5PC|%s~fh-Pp^xVXyFHPJBv;s$1DhJBq0@_F&RgPrnE4hVmXB!TNMu7I-=Wa9&}2#fCEL@yU!#r3YAg1igXw1irV2r=3f ztC~{H$Iu^nOK~J~f{iRfT!!;%;mqL`k!sX3^WG~0KN82KZ5cAO*$iOxA<%w0*V(|X z^NSAQG<_zs{F4?Pxm;J8mUtn@m$uEOo*TO-Xn1XFw3fu+Mon6Ryzj9I40pVr$!wrO z{GC0N;9-hB6!Xd(&5}#A#;)2&Q8!QWgX^w2QfxcaYAs7#QibhbBU9# zU*rO zQypE9&^xLa+cA1ooUP9~7zb30E82473fJgmFla$w zh+q}q(_`Rr0ae|)_(QLQZm_ml+4v>+by5x_ExHiTWAwY5*|65A|0al`MT0uQW)>`X zPuo)+Yb<1V>~QdR-TGsE-)#V8LrG<*wi03S)668X;^Lln(eX}dncMG$fD-T=_x-JN zo@ogxO86IP?i5k+WlwY=l#Byc!>V5f&C)6V!5F<90BvAT)~?v<6GHJN<`zn)^Ad2b zS-@1J;GzoD(*FI42@W$BkFTE2WNy2YRn(>Q5{rL4c8gXNss$Lh=`a)a7^fD6=G zs1oeI(ozu$vY25h;iSwo@xrU2?cKSX?k18*qpi&F=4XL-#kA-J^7;)b&-Pmm+J|Pj zc85J&=G&^j=IpFV9)&jZGMLNKgzObiHhPi&QAmXWcz+)gMmWB`MW&ZZnnYOI?qrp$ z*qD|s%`|_O53w}p0PLP=6twq5;)-< zP4+T9b&pm94_l{Xc1tJcS1nPDVn{XWRP~lce!1Ik(3QjdOF9hzzf4{zB04_EV-nis zCmh3t1^mn;7M0_Cwy!y8=e zdVN!3#M!NR8-28)G}w<2m>knX6Zt=xiZW8bkH#4hxfx*ZD1QoR699Sn|0{&7b z!AsLo_k&vhY=+l4{fxu=MbY=SdR5sKZNAZ#G$ASJS2~KU62@x|1Ey6|Tw`^#Qij5~ z;G^{gfK2djP`Z-_z#?!<^gfku){I$}86*J@c{evO_dA9-kgQDt%;Q=i!)6*iB0Dcfv=cc@ zn;}Jh4<7vy69_wDWN4JHNr&iFs@6_u6I1dADKcza82{t&68S@l>!xT)eem4wC~Ol3 zy6aW40Fc5>2xC^FXgF>-5xSQmPA^eZI1C{Btr4%ToYUWb1e2e|~MuCc=;k5u- z&nw?41QZl!c(^I?tvEL3pS>iF4!)RCllH|sO=Q-S5+2F44UN?kC2If;$_iEYY00^U zikx98W~JJ+>+Bd-8Tr?c4Md9u!mD-oJP{?*FZ@g8_yPJesIXmT+m5gxs{Q?zl$C7T z5t4Z*f%(epu!8T{TtJWO)Ax5|eqA%ho3mQ*o6c$fScnD;9hxtGNOxVyU&d&=J^fK< z-vb9bJa4~MQ~WX#yZaT zXw8>RFLYBLL-4v)UdG13bL}rrfu=3Q~(I)Xu99Z68@dWSGSuG z^j%96PPH&^$m|moa&s{kWDd)?it;J`(_5Ac8Y>BEvg(KD!_V-}#eJcEBYczu4u8X> zuchuY(7=!3ttiMQ0j{EWBS2CS%l5za=jD1)K`3$_&wU95U zpaEKNvTT*@H@ZV3BMJc-^0-?Fkk+>>IrEqbKo)cbGA!>mVrBj^w1k}1j~cw%#bZ2%*H%L+Y+DHq;2SjgTg9+@DiWY_>lO?$ysZ#{R1HFsS;2 zuzDhH3l1dg+3*T>bnv4;rW|+nAVnC= z9hHnK4)8$RJN!XuA|kCkbRMEAIprh%P zmbA^@t+<#cXSQ}l+Pr>CVU85g`N+rqH-QMd>{#mr%E1LIEFqYy8tKe51~s#URwL!e zj)Ebkr9(F+5v@g->F+x|1dTD;y6K?@2C&l|&R1LfzAcZ?DXo&@re9lo>DMh_Mi{hT zX4EbCoj+eo=tSO4qY;O7py49#Hk?tE87`wy^%%{6T{AY+VrlH*o8*CzeI3_~r>Aw@ z(z#&SW*8X_xw;p>Eg3bOIg(7TI0z2Eof|FPGgEx$ZEIk znkWZ`5ZrYfs6*gO&WtxAMwCpj8*KL{4%&80X1;gLzRhsvpr*3I4w1tJom@$zjA$GQ zA_S7@R>u$t(E6fS;9+n*J324rRoz2nr&7tlw-YeurdcUoray{=%j>RDX}+}uSISx` z(<{w<7^&@oh1m-m=x*^Dc#w+3+LrP=>d1LgOY8rk>Mf(L^bL_tkUhDJ<;n4pCrL`TWgW^6CFwS(7ol*>)RW3dQ9Oy~9d3bY${jEfl2h~@bl*|Q4gE!K$tY%= zdJM&VKBGAyuQx1HGrOo1N3}~mSnNR47MqM!`}aSP;YTC&l!u9p#$=C`SZv4}4%Nm~V#-6HCe&fC|E~Vrhc_4eUnDRXLg@ zIL?ZK=kLEqRQ(nHw5^s&u$XCk(+gF<4^dXI;_S|cbp_FaL&W)Im!!J}r`?01c#$6IPx6(w%aXH`IG8U}_*cQd~Ien7_X->!nuduvW%gwAD!?u3l)s0Bxhi9Ph4cJux z0b7nfbF}Dl`!z8Leuqre<()hgD(vgvnO`~08yOKJTK}{Mo-+W-tH8j~MYACjDNDTm zx4bzU-xZ$MeCNAgBafPdMCDxmT|N|YnJ*mQj=3}BaXe$YeEOC;-=97#*HbWDy` z7u`E-=01AE;-(k)GY|K_`b&Is#+#Yrc9#}2xfJLgq^ngZ`!HnLcxW> zcFopjZ|!Ddj!MlYMW;*P>U{xgsGeqJ_8XM<;lxz&^znq?Y{E7P&-)UC>wdUQ$;lNZ z#!msj4K4r;W_}5IIZTct%CEat#?Xs{Gw5rlVEcUldpwidTD)7` z`4W)rd-2_RwT#rw7A?ESbyTtI@;(3dyusoqRbxXTA124nw(O5L9v2LjrJDfsfl3!} z;e?Gy<5L4%_D0{SU9Q$o&nYXn0 zmMJ+214QKDlc&urHV|^#ebZGWZ9u;6JaaK;^EMszFk3`mQ&tEP9L#e497DKk!K6`P zAj#-=>#*YCh!umQJYeWNkhuAZ_VzF@s2J2f==%2Lq46?APfcGWrLZO{CIR0(?8WBw z*OR9az$@cY+fWhw&ao%&bq5-0OPfA~ zF8Hp$xLr(Zh;?3%n65PVe$!*QhaR0`w_viU7rmZI_4jW;?prTiJAgU&3an#wd9B5D z)g_Gvf*uSPdZ*MrQkW9?pUGYjia=g!Fm4|R*qWVg35!md>vL8uCKPb%b0;JY1s|q~ zDbRWNCef&0)BQpPXwxQ!bQ0#F(V52C=w zZyz;5;MsA1%oQZobypnDlzQRwS2;uAL2qrDyv)!mMeJTbzY(XL{Vm#LBcuSsD1|4NW<$ypJd_OQS%-Dy}?n1GP;mZ{5@HQ@7TTe3l zrxSkl-S)-RAI_w{{{UHZiF^Q#JX;T*{hwA1?qZ%$ohC&OZT>)f6FhHu7vk|fd}6cy z+dS-seGO$#uuy*8HjIZ7_v4G4J^sQ8Q)bs^1{Uub4YrkXFa8%I=5!kMe0-C=`SzNX zTB-uD)q+L~q??6YnE}FYLRvTuLtMFzSa$Nw;JuFx?0(P+kG#$p4Tm!pcyUr^qLpsx?P=Uem`H?+_3 zC3SYh<6sP!Q#ovPUvG_QJ0A$vL|&di?IX3i3fWt5we}WR*6Vrntjk(~kE5f~KV3D32zYcQ zz3(p+X<+Y8VB|>F2Y=X~aON`Ass7CLqE|yEN$B(9KPm6KFWc}=TEtNQ9y%f2Q0_%w zye9@!uL(ELAdW$$rK54`RJ5 zoJMsf*wyPY6Gf}^pLc+s3a*z+Y()jlk-5h|_YFVYdQRzF7e*4zc{j99>a($5B3SLy zzX=b-;r~qy|IUD1F=vq6T=Iy#ew_-Z>iI}4m*ohf=QDUWe=O889rd~&HdO-HQFmS4 zdr--LHE-}6lh$rD@07+vET?w(P?>jKC>bm9&@g8R8oWuPpofh%pkZ~PRvTa2&e>nE z3>q9z7gTaV#{A+Pr+T*RZHV=x+3{N&AUS#TK)58tKV&fztn)l?IrOOWtUOg;Z$)I1 zHXTb=rk1XD3jwk&m=0E z{nkaK@MY3QwpedHy*lRbtaJ)$7Uv)Y1*ZI=Re*Al_|X=_h}KC_O#KBjOa7a^qL%t9 zif#&UQ~e~|orl*BLB71k`4QvaH}*_5DsjwqYzHAC!^YX)3g*G(p*>c_=ymU*M9RZB z%EvgWHHS7kwjz%;{lOW{*!7o!^2MXaYdjO9(TpNEP74wN7wyss0JCvGPEW8XstYVZ z;N%{OdEH8F|MgE$l^UDL0>lPIwO3~t&Tlom6r~;LiBgN=_driMU6RRxvS5J}&5f5~ zQSCMWcZ{L<9p|EeV$f$u`J8btAaM(?NxxW9cDnq|W8~#~G?v=4<6Y%OgKQzc#qD0v zMbx>9v^6|%?f^ac{=Q3J*1?BE%r5`rV7`h5!vl-}RFj$;NV9+Fw4rzEPI?ifBUp)}Oo$*JQuQp)3oV46_9&iw!9geVr$oXndq?+io+n+P;6H_$lm#JO% z=aKZGUAlC9H~sGDt@?F!$0D{}lwZ(huCS~u&Z3>ruwnceL8Q>Gjia=oQire_yYjE= z;Pd&%fGJO>8y2}-$HnF%D9wf!q?03<-&hcHq>4i|Z@N}CP?`}}v|8&y`}Q`{rb>t1 z@2N_!_qDv$tgjm7$VT&sU| zH@ZG2kj$J(p=dBBLn$uyZRxQvUJr6YZR&vT-XSiI%SqR5ur{)l&2}y+##I|yKn|C) z{M}EraBS>e$M9mK3Aj+hOU9a&o6};tr^{0%=6wu`!BHD*F^Ky<7fC-1_RS;jq{V8C znK>s@sKek7C{Vz&k#yItDTXpLeZFeyTd{wz6ZU!7Tygvi;S` zbsaU;MDZcWmBlbO85DR#0)+n3@UrT%iog;By%#L^95%M;5S6gU$~TYmW!&(uYlq_; zRXx5nH@qk(cX<7JNTJUNagE-;a*nn5zB&p-$5uzU!xpW;gUO#sN3wDcgZO zKS4Z|Xiq=K>TXuQ)$fOLG?#);BU$cgo2tAf#((!C>Owyn-zL{0gX@wLC31C)At!MJhzB*Rd#uw!G1~pQt8s?o zbu;3Z+$_-?zCTI0Y=&bmzpo*>P^yFE^Q+aao-Gy;D@;bVfL4stq4ecimxuY(4$m=R ztyiqTDw@m>RP=OUvUdahYlTx#5sev4={e%qXPLv{u6C#-*>wfcapgJ38TZ zth?4S(13H_z~v*kK1vP3(~{UgRn2voewc}AQ#GkPU(ojhJ4cRF?*3;F8NcUPp2ia) zX_`TW&~IG8Y|ppq(>eNcgZ zv6{=8myBXpzUsU`w|1e@oqgOcF&>q36Tv*AV`H-2SgMroEnZo~wx$ubTqGY)k(h$S zp3}7E9*UqY`v`$=o!pDIj|uV}Wvnj?S9GND1^TyU1QAdVin)YHMMG9ywPZ3ovr2MY|BN`EEFLp_xo>$O zR6-p{e2zwBQmv_*92w0wD?g~$-#97r$oKT-+x3oY?VES-Ov%ock9)s&<2l&(yWLwu zI!bRMG8RcTDCNOq$mv6zSX90#syuvUUc^>Xd$_16yg}q}PUkrx;BgqAvgVTz72IHe z4tksu#iNr%4}VVw{nFL0UW37)YsL`pM6g8!*#lC z!=SmR+;Q#xNN*xk@49H;S7*yU-?#hd&V!)P_A*TFG ztbMFeBIMc^98ANi+#bbqmm^<5GoIbnI|4q%LzIgiU4)|z(LmqKU{RJD;jO*wesW1j zNf8fP?tPBpzL@DUcntCqa33mjC`<+GCf!+OLvqRM3IZRdVi$f0n z<#)KQxT*H5-z<==kK-pt)xz1lfY6!?d3~X3@49MINKl~ z_rhtQSV&)F51sHly{2QM>BVq?yi)aSv(W`Kqs?`8zn%$h%Y<%!zT+yGU~QG@S3hSO-nI5F zO-xf_%O93mXfAhigXfY~bQA-;n;_(r4UZA3NSG7rP#??__r*_e-Ptjg=N`arUZj{b z#Ln?NtJbA;7`tv+4tkE>hW?H5&h*;P9N80ml2sI=t@t3{&TiuwtLjDbz8SR09Hg>7 z^8hz3*giUyg6(h!XkUg_gaJC&uvvJTwh{d<%s~ z*v|?vn62VpO)3CA;y(;Eo%fF)<)k}xq;9;wYLTA>+mJU)YCnT~%-UU_FK?_!Ww

V5xL>IJb2$9rVC=AULVK z7*^i77!kA+JteY!(vDeG^wtzVWrwP9hx=kz|6RFSt~-k?^~&j|w(QNn6@9dKV|{(- zFA3B4H*ZAZBb{JQXJ@Kc94BS4w}KA~=%!1#vSt2%dE1#yZCe+E4QQC1@I+n1%5|ok z7)1mlbk^TYX`h3*&6iq6`4hHkTkYoa2y#a2L-*_D%^VfIlGWa%%p$0Saq%-X2DYw; z3|>=Hz?Dd%Oa~vH5X3sjYLU$IxpEi5WP!)8#h_c`K{x7?=t=#@kS9zoi`J{Uw&X-N zrgZRx<#I>8ipw5ekXz^}H0c9!cra1NcfCRSc{n!$aH{hiCI+o9q5e!DZW`p&UI|H( zf;y;9d;h;i^WO?OVXdsP7EJMDE&^%7K-*=3dOHuGPUf(!X z4o?6%GsOm7Vs~0y=zD&w{uyNlyNQzp^$IP)kutG0(%n4Ihf#}`&zu)Cf|+YF{+%w) ze?^J+WIN0FTlG!w;br9Rn)um))uD|ijivB5M`LQh(8g7}syQ1h=CC7z*o5dfk#>`` zNJLo{%W77*Re~sC@-pqrJ;LaT)x@69~#7 zw=(F=9Sib>axWWieJ~4eO`v4LihiY&D)ARJZS}HP%<*r(XzTgl zlF{%=!+Ge9eR>{eNdgmWAKkp#&g)2L^D;!V6;n1umLlej{J3eg;NU+}BJMe+OqN1C zb8&W-bG~#$m6i({e-(S~%r%aramP3}77z2Uaz9h8ThzDywYHpk2TG$xy(ib^yD>d! zr7v6ac>%Ml8(+J;{k{JVOQ^EiEx_E~cu(cNcZAOBBwCdEeO~12L;1CJEVjBu#2TW& z6)AqXO>mtjZr`xC#jim`tvS2$9i_&*ja?jpC6dWG2y9g@maqA0iKFW*o zvdP4Obp@5Du0pA&?Em;36pB~>K!W3Xt(|y8H*1~>BFgV1u8pp-L%FCHKE0HHf^IKF7N<4 z%P~)(q~Qth4VH+27)LJ5G~r9*DD9)JGne*<`@1WT*`ZeCh=5N)xPS>YrSL;+1ut%J zxmUM=;rT?GHXmmc(x7yz$&vM8b>VHOXe@X)DBrMJ?)5Egx$~}U0#3bpr{&ODe~C~5 ziRHhbnh6@na`_W;jAP_DW2Aw$@s(m`AZov?nt@4v7_b%E-P}D|&g`sP9o6Z@!B{rP z!AhFQz;lA@b@xVj)apH0FUlTwr>HY~ucwowidBrY?l)0j&Dz5(Pc;Cg4o)Iy_*Qag zbNGAC@0*q_iW%6&n&0i}&+Bwx82N*<@>V#M#p7{%@Ycr3j-tqVj*(~MWcm5JK> z;dV~g$c+8<8kU)FcJkykF5*B=dp?6+A6|<)VAlqB%Z>MJyWS}!MILrbG|^i6cC-d! ztZuZcD!VP~0uL0$1WUwB(B|h>Fk&mXCiG(CuUPKfd}tF-5w}Cp&td{juczRUgaswU zC+ek%p4q7@mj@M!4$w)@>=en@&?rfgAK zZ;%a6tGf1!`?=ouPH;ap`0^H9HU(}=1{$(?eLOY|{GljUJ%-wlqfuBBYQSDH?VMK3 zg8;3-s=;BS4#fJW%nOowEMKvFaPdSdU9=uR$S_%cB{l5T_ZjCX9qXbB%MBt7vVwE= zGQ{^huPd7=l3@i8GmJ_g8k{v_NpSvLvd8nY2ZMqcJ7K!31DmK}P_84_8|^8g&x>G6 ztjX7HNgpa$0-$Gv0e}=Ka#RBsjoM38KjdwLJgkbycmL*61@H-#Y7S zV)sl-;TuOofJVe76sa$Vk9Ft8u?&7KV(Je1 z_E_KC?+}|y7V7~h5mdo|b8vOzUu`U4L#@MTkYSq?%Vk+D6RiRqTXCIUd&wOGoo1OM zqSabI(3c&uF=3NVV?m818&)@ zg^;JY^cDB0Xar9W1V0pPh}tj?QeGp6%5Ra>Q||0+`MAP2&}Iq8>Go4r9VY`&Pz-?G z7?Z8YZ5lX4W8p2hL|9xp_J)qaSZ?r%*a+r_oAw7{?upZ8-fv_KWNFJj5PFG|qA%(a z0eu6(9=zcw+L+I^Sa$9z7KhoQe%nR*SO6f4?xCXcMAR@THcN;GmsH31FtS!8{7!!s z0glj~?}HrHObW+&`a{uqQ9Nh~+1_`Arkor^*PanEU!ljGWj7T%&7iktrX*#U-%qWI|Rfj>JP>Hy>7; zP|SRrWLP;lev|6=`VwS&K@pWc=9!|O$LZ8(n8$3$a<$wPD`*~F6g83<4ml#{0lep2 z*0(R_GU{yYg@@uos5*9IE(ON{F<>`101(8MkM65wf)g!KJbIH~IYmy)1-yF6TKj2A z4?{8|jCS}X$F4OX_mwx>N_iFlJK(%0&~7aoHfIHa*W5qH(d| zv@ULy#SP(RcS<3bA^Ip;5)ojif`%3W76u4>{Lvkv=kDW5j9W=XPo2AJ-;s=n&xIVb zeJqN@x$Y56q0waeCnH({Vw#&kdd>`$pCMcY4 zU0}#i8GTplPHeMPB3nN$1dIEE<1f{pKlH?Z1XH*HT+xahq^1nj)zxQd8M`XPPl249 z1(oBL6yBab*QQWC?JX{FtCgszFrRVS`f+HjN{NwaAw?}wX-x}td11-;gSb5=@mHFS zf_f|3^L}P~T}$yk&bKsZLlp7euhmZ->$D7VgYW4i@MD%w=r@=%ELVy?fKE+QnD_{1 zTtnZh6ju=hX!99}#F*dy^%N$_jOKA`c8cn8TCn#sKm~lKZFKGtEIY_w89lE~%PiUr zmP+4bb4pf7s;+*=O8kH*YSN6+!=NrgiFs^Kt&N&;N>GP`_!HATM#5HVH(c0>3`@oy z^t4i5ozZ*U_xi+UaSsMej9^p$s_7?i0}qLS*Q$ls5bHCn9A+l0+&CnR`&i2D&j3Bh zUnxCnbpTf1yS>!!R~fHMCaOI==_Ba9DBlx|2OnhPYoji%5*EPs3j9HpI|6}{F$evs zEP)JBD%6#@fAD;Fa`gI@;WwB?J>%`HsUdfC`e5y5s`z}pt^Bbs3`s>_Utie}!shB9 zoaoN2=O+~82v+a!o}f}NvHsjkFxs5MQ=}lI>FKtEY=PL%A9kdMVwNn9)5OwXo7($>c=yUP?VWM}p;W5+Iaru`k9{H-Pkbr1C zpO~-)apX&gKtl=v*m-q613G+-b7NX=x=y6iICYSyKI8L)@8o z@Bae|1&WFjgNWIBN(I239*kgASEAC;LLg#cVd1lS)qilGe_$3c@>e)97_W|J+0cjy zpvlV0`Xxw5R~NrI74QEp14cK^{4<)o7|nItYNj;4szGqKF4M`rXsZ5y4GHmdu%_4{ z6m??RbbW*#Z?f8?IscGltSUvwWGR`;ltqXR?f1C8uRSoTRig zZYKLDsP7nm;>4PnTfvx~6E?(%C2pKHQG9l*dSYbWf5=YvCFzj`@bIAP~l61ul|bb5e7Ey7v+uxAc2Q z1w;dz9%asc1}wsY4eb8x_N+n+4AVb!<#IhlK3i!?#N9ohOr92fFsR!29^ZgKL3{x! zM*4;)&<_3l4VOI+G{u!K?xPnMK!!m1kOq~YpOK3y=)~fF#fmwLD%Ab;-`avYR<_{! zx3(aeIM-a!<}Iv>m~~xe#O4wFqoi~z zdep0k5MXZuQBhviLP1=M??1^sS7Ri?i@ng&ATE_A$%tm-310m+?FD~+{%Al6nBJv( zCjxz64xzw>X<7KkNyoB3gztjTQv##2hjn@HSqCH8%Vq*bNA+iX13x6Y{;c*t=#*h@ z=^JmCDKCf|L|n+wOLvCt#7fsr`sCEpa-)MC%A|R@NzPa&1?Yw1rq`} z13i42OxsbK8xdJj8rtRU`L4l!oyYCx6qpje1Pt4Y#pgy1K+^g8bjn&Gl}Ity>Sps( zUZz+ccwAvH?&#Tmdp%}dPM&@VD;o^ioKPzhAoPm@9)ghgQ|^cz3ER~tK&dimJUYTY zqCl<1(QILZ&y#a6(KQ&$Wx3jD2f6RO+36eE!j>(Rosl8!$&JTm`2)V78Op(RlZRszB83vPoagyS>~gdSUh`W=raL`(t^5;kV}vSGZUqbVI0o1~(Z z9_NGNBK1>L>=PmkX!cmiUY&-0M5Z`Jj)j_$mtLtY@$#&y9$_EMs&Ca7`Yp2d^}OxE zax#mX&Hvqpg2~K!x|?eoR49WrIys3*CEBM&pC-4Cf%YkKoIErfz6c$w|n$8gb03bv#dZdAhyL{}wQNd~RBqXrXX(y=xEE;LIb_N^) z+8Y&D)G}cW6KY@n>L0uL2oQM4y4$G(Z{6l`pwWIw9V$;|a>fz0+X!oKz^kFl>t9?SX{kj@Bwii#mW zfj@L~f^svmDhgf^`Yq3t23BKf@Vc}1Ix0*(G~0BOeTxzX?u^JwVV$maSQrB%heEb3V-+O@T4q?lsTOcM-q@FB514Wh@Q+XUp$7z zci)YyAj!c0jr|SGp8lJ2(?>;$er5qI8>7SgGhWm91uwc#WncM0=^!i_z{~L%$Y2hJ z-Ig>rr>R$Ji+#nUQ(QgL($X4z#$Q}P{3&5aO4#vidOBVkZSicfvAq(7Vf(5na&Y~U zgE&WcsjSjVQgiYH?vG`b5RMf!+$szso_*LpSp%fY$NSrD4-C;XngU-gSvb9R!|$=B zheb~T9el5p8pt@cfI{x9W#bb9a6jv}kKV70(_k$Z1@HS)rRPjbnR4|?indtEq0P?2Z86jdB@r=iFg96s?t^`IYj+KLGZ1iP7?<7bu&ZbCP9zsQ>0tC24D7G zBH3?Y#Z}LK+zZPTMiVSKw!#Wikx#QSwU`QxN*;>_<5=T(PDZIsToqZ;**_CwCUv0C8>$m_)dvvJK-n z_qVH97`jIrv^dKhys>N3Q{#xLBp?E8_td|p00xLOPB2@j*o6LbunALc@jX~2fqI1e zme8oh7i=uE!Ek8CgWXyo=nFgXzm07K`1yhVRD!&YON*2G?xPqxHMP-dHFyk zOQi(5qOSYgOhl&FZQd>IVGH(GCMVn zsYwEN`2Gzh1n-^oAWb)x#K!%egN>MaDz;u753hTUxbX``oB{jk7AqHS^t+#KqB#0I zzc9pfqxVr+b_aY8R0&#RBUQTM^1LJl`&-&$&*q-G#+%Wld5&#m13mFiLxSMWrc)B) zn?VNSd(dK2&Oj#qwA#yMA5t=d!Oi}}QHD*`cS%U234*xKsIp9n@ip78&e*N(;3aiT z_S>?7Q|YSv-k0t&9J=U_T4=PM-FNysvM&(5`V@Us5?ygD4ta4_juCJ@hTFE6MEmCOXumdK_`~kSFh*G@t2wIzHqtr&9S9{7g(v6|4{M&n5TZMv8Kg8 z(rGt@Z+KtulS8$G1+J3b3l}kG-Mbw&J3DylP>Vlga|HB`h%qs^c^Ne>Yl3`y3X^N2 zs;}Y~{s$26M+|JXVETUbbUns6Kf=WYgI|1Wc*30kam&2b30wRYP}@I~GM38dF$dMt zhhpoLAT`Lq5GsWGKZLpBSJ;03pccn1;pbbBLULw~)6U@h@l4eGrA5r&QD<-)1*EUE zuc{V`mR_?^5Onap2Uyh!cpG%X2ZZeDgR{O$kQihT7!=a}-}R8aA-6Mn=;-JQ2BNS) zp&u3(bbm8jJGuOh=cuMh2G-ZtVS<>~fIZM(pjT@?pl!SHmzP4v1A1z<5Jh16*4KfJ zlBLtiFPko7-eh*OMRv2DWL-B;1pwzeZ-b0PmkaKPeK{KCg760Yx+SWGbbIVl)61DRMRzTN<-is70+GTg22*{wTjokS&tJ>J*?E2ni*gjvA5*4y zF&K38$LN-XD+M2_MH6Lnk+hsN*=|pW{n;x~!=19$JNAlZIdUX7YRL<*)eE&!ZxOeq zKkJG3#yh?2ia>o??FnVJnc$ef*a{(i10tldIPta^*F?@8RC1MK z&@sDRx%ozu4cL=B6a6{ACfpk_Q0>T8g7I+B&kgDF6G>-jN%Y?kj>tg4LlYU>S12CF zVl2_hB#fA)dpCjKyPcAd+c>7V$rf}AM|^7{SK{8ISJm==UC6n)seHpeSx5_~;a0>PTZY<|Roji4dz1|lk5JV<>(loiW3ecCGB7LwwGWv`Kx zu7cpoXd?yV!>y-O*ALkwRY)xmohH9Zo%H5d4Hr)vx32aN0zLdvKUZ@aUCP7;WoMvm zvZ+{|Dk~B^09~Y5Jxpo(&N31co>E5;@XR;Zzdp(}t_*IgDC7i46Zp<14`GIc1sM@) zv1CgqPX#TU8=W?AkXRzYYQ}c&1i-MpjTy}zj5w$j2$Q_1~)_3B0*%RF%b#)Q0?enGt~^l?nqHk z3-?7EQD(vBS$O0f-L^V9J3Aq#NWzR7%*WvW(zL^+9Zvv{mRdYbXbNs%bcFt0rJ&rD zC(7pCOs`bhgRy1sW_-mFzL^43AATTZOy1gBw`rY_kWjV8P{`TMtq=x@aC&bnwbb)! zyHyH-P|)iZmJi|A%)3}L@O}uE9`dsbisuu{uOc~o;oPa5nG#07LLaE8Qn8`Pi!}ca zEg>v3x(%>~sWaTgdgXkXvR$QC+firfz2jQ+m+KH=UUT-_^ql0H{R#4RiZtls+9l!T|*w=Sw_S<_F~W_u9QL=N_P7E zVIILZy_*nnXgm=+NqrN_44GXmI_WlbChOE|*3{x@u=qNW{Va(4euR|7>hazm;W$tP zXQ|%P?z9691qm77)g_o-W>`i_jxHjRt0mAvBu1$bnowV3y5O}K=$zshqk%skT#cmp zWJ>8=dmY^y{ADcN&B!(j{fOXpf!MkAHCb=qS%&dw*TuvDvIW2$KY5+F7=p_^njUNLDYI8A)+TU`t3az!I-eFA_a@~7GjODZ zB$CZv6d_1gxNSxQ8tH30YIC|6{gYE+n4#UNpZ|-?YW2)l>%O(HOEI65S81Pac{duE zOUE0c#^JJGaa>vUCu2I(&KorIwt6%gl6ZT?>kwIbzcAN1ggp8^E139R=tn&~g%0C# z@6f2`M*Fi3FT%HP7pFUP?Oj0D0Uc)UZ?sW8NG69%o4LjWMPKG|4(0qpbXE5xslx~Y zSzdVID8JXnD_bVp9-5Brw%l#83>M}mBJEY*uUv&CPx>V5hA1D2y_@M$B`Pv?yyDAd zQyd(<<8wPJT3VLyoK-dqEb)3`ljgsjVDp~Ep=iTG>=XYzN>0xfgPuJ*!8$TCg=}e! zU@XvZR`yJ+SFP9xIA8Cii2I63PrtdmT^gR5_Uz|BXX=bHR)Q)$B+ysrJhIq=G! zkW-(g-6?C^ON6B0P>MX6b4OmO`^b8S_uMk0YlAs4+ctzbondSZtSr}AWGuQH^T$eA zQB#H^q^U@+2oSc-2}qFIiN4?(3io+`ZFy8nO84>gO|(N+h_RU15%q)89Tuy~HGRp? z`kpGizXkQZ;i3t-RJ87)sjB&FSTb%$M$k2sWooTM^a$ST~JgimWe22v;HXlOb7ItYnC;!bZcIj({ z&-Dmpugg`)7Q!~oMM>YrOP2ZwtJm!z+09z38?90{v&mq%*r_p&ILpsk8E9ntpnw=; zD#qTMhGVvX^Y9wJ8*|yY6ScoVyw^UjHS%oEKfXRa+n;^{(DNL-5u14^C>V>)$CK%P zJv!f$Q&M6yQ&t({RIRGDk<)QQQ(1+wd?WtIFf^Y$lMOj(1;qp< z+-^%kibehTr5uFWYF+}%=z3UkfX=De zV+!X>mo!em*#9gCW6d-dcC7~BpO~~^Swcm8+eysa1-G^-`kuaCqHq^Z3C3rP#3W``cZx zNNIGcI>+_tb0+0<;iiP^)u|G9hi;jVTiJ&=@A84Hu^jo>tzc7P{msb*QRn^yXvzv* zCTZ&IRKO7ZjmfGcI*xk(2%&Lyo;`6x)vs67HfGQ4^CDwTAzIi6#^|w}u>?i99a{Wz zDrVd80zW1vC#SOqRsu*4SszRDcPOpe>0c?pXiGxQ!~6hh1`Zk$q03?AIgRdYzF4hOG*J^Rh6zB9q9tSky=%MUUEpT2U4B6)DS610TP3KOH6W0FfsNXOcU{KW+QxU-7)Dyh5t0{02_o~ppchdJ#T_mM z5;%Kg!mFJW!o`x0U0iKoKihg9p#O2$mRP4&2qaN07m~Ri%@X4w*W>Ysrct*+zFg-feyDRj9=;vdqQ@p-x~Y%tB3gqe;or;(M*n_OR$6fXLB_i8sV;O$nM`01`6*uTDt>*tEhpwqmPE`VQSCI z*+BH0;Ziw5__5hSnZ#VHYZ9?YDk;>CR2nsD=oSUfphXp2v`Ld;?a?+Ca!TyBUDz!F zSWV8)h+C}wZ&oO%3Y#}=A2ktkJL}9WgX9nK4~N+T4zyRQPM09!>ycy1pA|#ZLkBN8 ze!L2=ar+LqzSQ&!&XYRc%JdQ~FMaI|x#mUh zpc%&JTdLEM+Nvc^BHV1yCxqXGL!(ekWzf6LDg+CpiugX?D*Yn!vY;f|z{~1r!!Q#2 z<8iSuYL)kJwKD`-uD773qLSg;n9Xw(;8P0`3M@lEYYN^dcDVv?Wf96<6gLngLg4S zIXO89O8ukQv=Bv_k*Ki*w7%Stu!UthulKPq11r*vKL$ILSY; zJP+R`>&j!IT$eawF;6hCjlTJZUy5_OCCOfWVg1Vj;}oaCQhtYO!yT0o`)kL$?tsMs zFP%~$J9vV_)1HBF87gj+qgy0!4lIM*>TyA+*WBG^AUgb*2lW**X)7#=4Q>;U-CES+ zd@TXs8JTJFiz2lcoCaZ;0;ezvO;V@jop&FfAcF1oIo>Es}1v%LpfoIy2P|lDPV!?2^~UKXYu!zSK1n#fBfb1HPT0~ zqja)Opnr%i>*q~BtS{?dXExv}x_pzEWI+vXtJ+Wc-qKZ$PM9ymAWKl+f?@!|vslkGSPn%w$S~s7Fp`wB=n|*Du_lw-1(}$wEXB?Z5 zSsbvd=;=C%O^EtC`L$M``-CwB;I@@cH5%d>nkQ(2!M?Volf490N8I;fe5@a6upVevx2bj~Rt?8(D zF9Cw+)4)X_jiAKhWXS5uaf1o9it^i{$TL1MNf-&7&Tx#$g5aB{RHtOnDSq=Br@xOU z$>b2Izi4=)!@KZ-rFzVyI4LPy9RNO0!Q*t3lAp5h&<`@?OMJQu3UEX9bbJU!SRkYk z-WU4OodIj9-9x9-NH<@iBmzx-;G4&d9#i*4Ui-U?55vZJ?c@)Kt=AnnhIIUXnI-1L z8Fa0YaXodabdotFh13^JXO!HS;Gb3yQtp~OPTP=9X(Z=5;KZ`ZT#W0%7DYuX#dS&9 zn8?xqC`cmmubHE9v>r6lr!tt&wB(Mj(_L&5r&fL+lXqm^j$5}VxHDZ)Z%w{-zm6Qy zAZMcjii(Hzbae|b5-SDU?VZ42i`x;(ocQwccYCO^UaAgg`&KN8#qIA2BENT(Y#?P9666 zg>LLZ0*dI<5V*mlG5zqcVP4!G=lJyc?P=oC*h1h$9{Vab7aTcABA8yfwC2}H^)49? zPsaQEivy3>E!Ey6P=_Wh1Rg`0A+zVDaX8=a?Kw&N|7Umsp|DxJfOy2y4biC_{vs9( z8+Z#<_Js)Bz5JJ^e<_!le}~@l%JRdFO4_*+Gb|d#0 zrV`u273&Ldmf~N2LH=&jQi6O`Jppvy)>!e|yQ%t@gS&s3epC7yquxl3)qIY#%+70w z^z{C`|F6uY`|CH9O^Ov4J*hYksX`DeKvP1{$W5`nU@jkb|-LI1$v_Dehr%VPU}5xGl-^;yo?FRK|MM%TbUVaaWeQz`+jwY^|TISJ;BI4E!by&MbY{f8uLzN~y^lMO% zLIJ^*+4Y1co6Ry}ida*SGrD-Fj|xq)w}RZgmdig>G-0{;3lk~dzKw6 zm8x*fLLnK!ySooqX%0E%fRgyB5)#t)%9*`H3F)w?RB7#?($Ziu6c`vRMD+l_e$Vw~ zc`(F9=xCun506=Q3>=Sc3KR}3n^7U2GP6b?Ileq;CvWLa=dv?zF&<2u$`wT(h@lA5 zSb!n^{4<#>K>v^hmWK`wMg~hhp8JUx?rLFg({he6m7~LxldFz1!P4?%9B(TNH3RVuX*7dxynDkNt$brl zPHygj*8cfW*OL`KgQ)XW@28CPjEoYsO5IIbeptuPyctW~zNTb;9>P5FCMdczd&5ZLl zy?i_pE~5;nnG+n@tfnItoQU$(vf`3I4aQE(oe;sKy#(av&}nQfXQn0 zyNFwGQ3G0ns4FqK5dfC8j4>R+S#GO*ysae)7m*W_9(PGy#TD`*89fen3CPqTjfI39 zPHyI@gBP%XB8ttT95= zX|fa5WN_uqYF+j8@L*UV)FHOSuXQHI4Y1nobUh?^Z_SX=@z&{cVAyXE9uQh?*3~Y- zID$IoKFwQ$qBLjzWI=oHOj5?kC89pH!7@TuDK4US4jCDC=IrK_!f4gPQF@U}=8>8H z{ABP7xIwf4>kVtk?C**rXxuF;T;JlA?LWdRE9`|q*u|=ngo|tLuwYts*+2m$2v)UY z^epe=^`cF8=GM_-W75xgt~cQYTfi_JcE`vxYd=R^TJET45OSs$9nP2ZO$-!F2%O4` ztFQ9(j@>fD^>Nvh6ytwcD z`hVW+->$r}bDY%6?fE%(yTT(Zkfgg&mi_r+kg|c->*)S|ukk`8`-Zassl{I~6hXb* zufO&3^fY>gL{Cp|FJpM!$E7cQvPez|D3qWSmvW1X?eF{TM8F+Qf<$)fhggH=ITN3k zmlw;3@ySYSiPO$!`N6>mZl`O$b;))eH$YoCcrF=F zL)JRa<8&wkPsFTrPAR2#<^{iav>_6A2vRkNPF@LWI4I!7qLGBZfEw^I)Qkrf|Yt{k3&CynE`&a0pL3L=@Hc|bV8LIVbjLQfG#rOFSFLfZUJHM0QSUst>(is>4?vNC z#gNIo@LDHqkHwJ?RbL;9r9{S|RTQZ>GD0Rf2^dj2aJ|@0P#wKIM^#&hpK(4Fr~er~ z7*##Ud0mVT{dPf8M_5bMpHn?QKk2)01F*47x+b?jkq4Evdx!V$aBla^W_^5_(fP`H znfmA9RF##+0D+SApRVd94Wh&|Y=y6QEC?9u*!d8u2B{!>`S51YxiuAS4Luzbt<}hI ztYjjQY5nVAf8fZPl%MgIT}X7)T4rnns-{KxgoQnC4fhK*qY2sAwrHy=4&L{PB+8|C zM(4QUgjBoTAy{^F&F0hJCbZIp;dI(OQlOd(@4r_`m!aFsj!+%N-NVJ`)(C&1m|07p zN~!8NR1|o+_EWjZ&UgcH(j_P(j&qKe=dCTe%e8~|L3v}bLf*%kO|!{Dj38@+K5E?U zE*_G1O3TZyH-{bmbln#)Yc)u7>)Wom>Cz8c{bsMcrkc65WY+ni?DYaA0;4aFh{G~D zN9+3w2rk*$!I7j~W*?7%WsRhmzk(B=*RPJ{S+?#HzbkNJ-HqAL6g(iJ>h3 zJ=&b-PYt*4_N`^gURTpM#~bkVc_dB`P?@N)FNpI zj{ZL0pA=wfm#M$Ae=k+LrLkB$jDhecD81rz!C1F%=pa2ue?RtTbphg^`_H-bH=PVR zCvAbbFl+fjdd^aSw!fPC_aWqS98yk_g3?^|Gm~Skjf$ZBt8Q}Gv+2|`lPQzmliTypdXVC~%@RYW+_mf@$Ni}o$5U=O zR11ggA$&8O%|9tvRMKN%dHu%KI57!4D>|lqkwg;<1G9`|fT(_>>gL**TcT9-P2~&k zSbkYqOF0$2Zt|>t4pf)>e?dZ~^P=9w;&7?Serp1@VW7ru zF!RPkMq`J|u=gdG@u*pXnOi-nZT6z7svVHhNz{HG&IK(KyHvG%h87+TC@2Wt)|`U8 z%u2pKf^JweDXVD^f0D2Qr9Bw9L8 z6C3P747>reP4*^S5gu3jDqNnA<61w>6yy%n) zUk;~p#ksf-L6vpiPmuALlw-$2ap?0WG=UK3?yQf5G6|aJ-5f6)6R0{x5%Ew(%?}KQ ztDCWlCJP{+ytY9zC?9p|tX|KknJLo{elYyH(IX^C+KO1k{!Ke)XitZ6zg7tHklx{z z!vDO;74Yt&kK{}Mh)E5u%B{8Al1$}wWdQ=;2-ys7N}M+hQ$V{YUTN8oeWuJ?v|b{h zN;?0oPfMs~E4FAKyc)VFjT8f87K(tPE{%!vtq~+nEi$faYSvGxWg@kcFX(^sz6j-Y zJr|){Bh1gtCM?!xN}7oj#eUw|M)T{QtvId=2gA& zPtm~1pGMfe9$dV|rq+W`*`vjeIV*KoYdii~SmJl+V=aFD7O)!XXA)smIPn2R7OoMb z?brngj0rzFQR#R+M>>_7TWZndvMf~8F^u}txvtvRG`Kded|Cn{lb*dL(e3KTl_q}P zR*67AS8Fnw7|PC!A&)Jz%qFR+wCZY}(RcwErOGR8Czq(*w$* z5h+<%6i;H)($ZGAPTps}jnMUb$xo|Zm2C+l_YRLno>Zk=;ZKc!1R3>fV*w|orRiyv z(RbqW9C1VriWC5iOk58cNMxj+9WE?cf_{=UR ztWlU|O=JI&+Sq|azWo-VN*JxOsk`p`ZE~t+>^9C2xC)crqa`z{(NVgbQc1yY4nG*@ zjm{^yiB!=P0+S%>6?;DRPSg(!6k?J2Q38+Zl?b|!4pk{Bgg&+{_DbH7L*;~pvwD$5 z2A#rsfknc^V50gz^Xu$`=;&ieFsfAF5{5pKtt(uv*~0Rnx=Q3Q=l0y)a$3@tBz&k5 zugpt=lr^L4+uqc_UIdZkx22fr!`fUZi1+M?Q&g2&_qD_05SQ@2C=zB0gt<-993@p5p9Ex@SE_tp zO&BiNEV#L_#6GvNSC>9P}X|3dhOP z(4NWfkggH#2e%e$NUZ&d2vsateBng=+sx4EmBIQKQNs6CU)DQm&x2PLXD;;N!;;0nr99QtHyWK0A$D9skQO=e)K6TdetNG7G48(em3Z1V>1^-Ku1O=mf z{^W|Qe%*RI&z2}l%A2?$B0b2NgJ7G_dW)G8_WP^7c>3viBvxo)3zdQKK;awSoiHKV zaI6sob1x>b?l0k3NZ-bJJ%rV7es@=}vYlO}h{HB3ximGi10q z(jMWi$Hp6d_QcCvt?~XXr8h&L2&p;d%wH)Jo$4A_E8{ZH* zmuTB5WXy)Ps$OFhB0V~!@%^MzL!42Vru_WJF-i3jnJmqgIY9ycmJUtdkAADWxrIzC z;+JP#!jVMYRE&(8f1V8Y_zN36sw5b>HlM?wi=+6)KaAS0A$2FY#di93-xlDko9X4u z#ne8hxY;DY($jMR7Y(NIU~dW z`^#W6*s{HOj!TVq+s1@%t?v=*(#O8ybXx490WO7Mix-ewu%C~e*?Q{*8@3BggX zHz}ghCm`ZTZDr>0h6)wtuRFIDPW!Aa!3+N#Q{iYrLma&&K&DT;J>LowkT{){Csy4> zncg`#NF#kO8%LopjW74>J@^u9H~z)mh3q=GlmD{wYpJz*vjH#s?Ef(v|HIPXJcFAI zf2)A~57Pe!ar->Oz?SBP`|tn%`xGVkR2iqjtN;5`;6u;A&xg}`uCQuvE{{+b)BXjt3`e~uvhU713ZHQ-=!qu#?#OLDVRR8`N+h!D2xa6GZDiU%DjlWUIJK#7Uv<7Z}_OT&!eyQ`+OiD*N} z=N7+mw34@cP&VE+$S@KwfKt4}Ibt&omiobL}I;4qKhKfk(|l#0Uo@7gJhIf`^QeyqXhTs_7Q=a?}(LZZc-iEbza^4p-S zR(osbD~N>H;g=$$FP>=!8Rxcmo3Nx&^SR)YK`5_Ho5uj<|H#{X-wpw-hOzH*{0a$! z5ORY)Khdz@)?STNLpNR&hZyz(*lhj6_*WA}$M1J zG9lyt7mzTq)LY%yJ>S`q_p~8d>9nZ7yVKxQ+WwUiw?e}5)$Mv;blPG{JRL(#utNwI z-E>(~s{{ z_vbm30Va*MgLpq&r)An{)N8V*a(Hsb560(-pt3^W*5_;*CNl^C52uuD=kh8dA|6L_>b^f>UqFkY!^WK>PreTmR2U#Q0V^aVWcpS9jjOwk z=!>wqL@-}oUiJ(Xl1lLmPRU-_Kmg@@G$T#3) zFpqw$wFsKPmM8w@Hb*HcCtRLPPf8)Iv(Gr_=v6PkwdJ4UEn6aVnjMwgzngWva6A7~ z?H2j`-;Lix-dit44{UY8qZ!R|HEhM7v=_Nu9W1^^x||I~6#QBD`)6%JVG_>$_WAW^ z2EstY+ZyAB3HHn9uwbnfMb?0rhs|M(6trl^-nuA-l5|J%O@C99Q{WPR3Bi|nhV=Pk z)U*90Sck?a?N&R=fWSb%m(ce+hXWG{&#Ubc1TWytbe};fg?neaElsDFXX(K?Wu0FGt{WxSOL{Ik+mzeoQW%3f&HvfA^>HeY!r(8K?MI{B&V= zdp|ieUt1!dBgC;_=rBkOEW0j9p&^!kra~#`d~1+e>wa@jX`#+GFQJZb7#0e30xxzq zD!`^{dG(42ivszVUbc@i)5Yd++7Cz!GAx@A@V_5lK!!=1lB`eKJXNrza2a!x)t(%t z!~V0B*JK@1zEmOK6A5!83S6oU*o39Sc7{?WKe`25&#}VLBwzF15gfY570PTaP*^W` zVmNp$1yK>dMFJ=C8ZQJDH4 z*^Jjvy1KjeXX>;&MO+^(Tllw%B!O3c81d{${ZWG^_F{WTp;@=cTIbGsU-|s>R33VN zOJ8t*tyiM251v2e9WCSqEtHBHFjB!njRibgC3O}7BuE5zTh%jD@R4t;WK$ zEN|J7k&%DT%?SLMnN*&cu;)4v1Gm$D{OLWd^8>2>1<|6k?NPu0Lrv1xv# zva_?RNwm(+AdNNv`$H-GCH_R1;C&=f|LwHEny^7q7=03Rk=k@IJoL#Yq)B;s(|f}S zMBSh6q!4^c0FwkU2ES0^=%=s!F)2^qJ#`;A6yD|DKEv-OXckzCL16 zrn_rD9c~A3=0(Kb;f##%0%~*8JZ_u`y$S)?74FYap<#(^i<@I}+q9m?Og@k4X3ZomE$!bK=_lNT5sNeI8L6p zbl(0XYo+iD9vY``$-Z1{%Mh@bMlbzNq+gp$1ko-JxD%~>erzO&CN*%L2NYkgB_Mq6 zH>wh4noY5p0^Svw|Ah>e*p33JB-7pd6D4{1Xv@H)B5F?oPi~b;1qzC^fFB=7g@HdB zl7A>(QikBrtL9G_4-RZ%U|@7h{%2q;sU3ThMFqm605&mF@?bG3BrzGuNBZpz4jej! zZVY!~Px=FQ;OnPxE7cpqbz59={&(w%w2qjrpuN0LT{LVA(yB*02U4t`M+-42CG(w? z=y8*=;Lp-|7ER<<6H=c9H7QT9JFZ;UhL8|iX#H^SjfUy8+@!iQ z7i--caq0+UfGe!}46%Rum2CLYSXa={V>G@R2=K6Y$ZWr*;KK$UR?|8p_ zri5Lwo($v-$nCdVe{lW%h3ucHzoqtlwcgFDA|1kvgBlRZX0{OD_OSiBNh!(>1zK!| z09%nBf>kT?@o8*)@3_09VYT-=0D0Q*-}VyJMEvqKl$ly4x87p*n`piHaw>n?TVHK$ z?I{bWe|{?sw%8}8@8)o@3(kk)BeJqJ1!9qeIrcjv8Xro>MZn6GW4X{8Xho9nBytkQ zkY_YI^6Vz8wzwj1MyB-1oRN_>jr+a-t*yEiP-^efj^50TspmfHc zhn+$Jxt%0reSMwn^Ayc*!Tr!noHOSj&p$cgJ*C=RAk7E42w^v5`+I)e8WVzPQb%jE zb4gkw)S*_kaZK#R;|Z8EC|-``Eo8MI)2SmIG*`{wisJAmuTVzt{yG z`_QmBC91AwK3kFT7J1}@pgpXM&IV|UmHK4h-UDSq_}hO(fH6GGoArRE7#Q5Ubwxly z%u%5DIF`a{GDU^r_TNrjiXWRjMuY2w_)}a58>;xP9=a zvj!!A+a8nlchbs>*0lFF`^#7};;uFToN}9u$UvZc%LJ62z1Gz3o?vi6OZ2V3p`-z)nOA5ND7U| z&kVeNZ#@QxO$m=rlO*IHNrVd3zr2;N6Gf zk9ay{H7}}#?UPUYf&vRoth=&|Huh}cVcEp8O{)!*8+G~SnO0uAq$E?lrviv#0Z3T} z_qN2VqxCRU$ytpD-pr~~D)Ya$oD&412ZbU4^Zf7w5P+(n!SZ0eGYKy3nw zu{<^AdeIiOQ{b(qF22HBiM*6~6ykBaEN&@_D`JyEXJSPTxBVgnN#47L&zq#M54d6uCAvaDTE zVarZB2GsAdMMczqDG5`%NQK3!1?;*+jvHjz_WrL8PBN2p_z;IOQV1EzHAhu zIf#Z?)q(4gxM)kB*0R1#J_k~+UJVH?grJGr|Vtkf6{E)Vq5_aKuldYvhj6-fEt_ERZjY- zN2k?I#nYDHtSM~cf#Gno%hi0UnCyVd*Hva-j?&3?@Q7SDWyNGELIC_xA?5vn}!vmT?%JS z52k;bN;9G zD`SDjKNQu%V;~GnA58XOFMYS&Faj*@QJm6N%kgA%)g(qGqLS`X``6A9F~ELDCk0%w zuUn=2`)nhgY8t6B-S*-2b+BEg+fxsnxz5q^Pg3;MdF223*&8eM@XTndCVIp~ZKZ<* zR84Fk=}r0kl}1nsmVnKYW>&;5&BbaOcU{_0oYRzRFiFo#qQxG*vR(P>tkyaAThx}3 z+tmt}Wm7_e9R!G{R4>46tAt340ZnP8yO`L~E~m5k*WfV;&HO06A0NOW3k(DF zpP5KO+OQ2$)X4{F1%nru`p8Cd@3snm8LZP7iu)S&rH6LXira3FFT;r`aG()!iyZQH zEA22?{(M;TN860&2*UgQ<>O%$tLwSZ-j}?ol9pP^?O8qVgvk>yMJP_`yez-wd?1k^ zGxdbZz~x-IwWKpr^r7e12*%-MM<`to&u_0<7GxM03(B{^Nn^iXo*M1q#%TTI7i@ul zG2k1V)L3PgLa$bVJsa{8JZK??;2Q5FCs_gxhA9<8w7tk&9BFkAg}ZJo=C7HUubrXu z{c+SKKw;#j$3`d{JZn&MKCfXZTteUC6`Rn6&-!@`D354uYzZYJ?Mo0=)eIDog5dDQ ze`wa5+iCHl%5|^D#2?XURBv%}KE#kq>M~L1oVv-YN^4Xrw^+Fzy^@QwPa`AEc7zNN z41OJb|FpKD@qAsMnr|?{EC1@E!`9Xtb5I4FmXVxG8b|3INo>qH=UL13%!n&7f? ze}z+L-xnxq)9Bla42cU{G`qN^&vH^d)EJgh2l22p@Sv{luqUTSm6Hx6QQf3(7}lH@ z!3ynI96sx|;7_n1TnTRH^bGKaN$O$VBHr1m&uiHpO8(OP90D==^#(N!7Az!rhpfdz z%Ym15{Po37kbv624m)F3kSpP~6z3MLVu>Wqo$L_jt9xzwy;D@+{+vLrIyr()X&UW= zpdfM-P#gK1mRnSv!5qy)?E}gE@1!CRE;Gz>jaJQ`@%^L5 zy^9d6EhhDSQD{D;o(`&mFp7_G_@X|I`j(3o8Jd5|tG(YtpO^!&1>2&qFRXRAF=Q7t z)BzLKAunJx3c6;l*sTL?OsQzFEj(Fz;`Fdbs(=_ za)8A2&SsRjes0C{ZtM%j$Y3-@Oez9AFhX2_hD{onDpcVjoXQe0g7ngAKuGW zv`EnjFol5rqk8GthrLlS`fsoGgMYjd^u|WdKpKGmj7X)B*_VktxruzS=Mp~%&ky>0 z1bhKVJ@KVFtXMft3w@;W+D34y{sg zqY>EPfi&NA*y;CaM^7EafcsTjr2mj&zYeQZvJy$YcQy=-cr3W zGBa4m3%c`XBz#QB)SCc4TzKeHi!j75aaeQpIShAZo~(`l)-oF0`Zb}l1MNFs76bS1 z-wc{R;;yKefN&9lwT=YJm2Jc&Ov$Y^-{;V@x~9AZYt|WPNNTZDPo5DVK%Ag}P{vEP z9}-iw&Net*`#AJ8Y;4L|s8d19mh@X%LjiGgKSy3~OOd5ZN`BYiS-`>0cQhgIB zI5O|EXzvWVXeBAT+cp_;4Cp16^@py9;5^}BEJ(iqWeWkf5ds`?A2F^CGjl4xJ(WtC z`Zz&q6o;SBG87$g7Pej`I-YE-MA9#rE8x{(L<}+kkGi7WS zNqWV~C5j8yoSN_uCuku=gx1FA)GE9DBOWLd=dVmgGsg=fULRpRzk3N$71jqJE1P6@ zQ+RlAwADxoJ>Kxcl^UIPe(>}q3N>~c;f(y+iDI>4JicA_lgu;{R~^X#tI^n%27b*YkDm`Fg`Q&odxa|CN3y4peqY7>c>|(0iUVX_V*?E z9C!!t7`4T#E8Dt*SYHb|?>-9!B{^tFDP>$PksD-Bj(ov~a z*gsGs_SuQth;A{%Y^6@#^ZOgE8t!;dyXlkry4vqd$dO-0lP7#r&e;=q6zAvX|Bs_k zhk*&=BvT!eWy63SlFe2d&2$i^Nn&`|QbDP{92$8A=O-wMppCo8zXD*};n?BXBs%49 zA}vk}Ge(_X5gTSGFX3S?5jYPr)&YPKEXcnu}V2ELMgtX-^oZ{{PxEMx?%xLO&h6*#9~K zQSa~aUFfb!BOX{)Jy^afS10~Ly? z`hWO{7lHLFhLyS=Q)wgg0gk@V58D3h1Zj3U&X3}MkY|!`#UPe76bT>XbH6UW`Vzi? zCMxeJCg#CjBLC$XL{;)xmH|BxC)=V2EVtucE^dQ;AL(AU(H7In+p9R}k=03;yexIa@sU|<1MU9}5v&mAyf51~YdJE7y{JPnL) zkVdgQ8C3deE594@nnS*CBqO4*4+UME-uJYF6NwYA{lz;5Ql|1AGo~m1dzh(`Zj<;* zeSSc$#HFYA%*rB+|F!xps*q}7V~27+v@S@@Mc7Z@?1BeQWA^d+1W6`;KLn?C6#q2XFeDUflWiC|0Gm zxwE*mIewJV+WadnYhEvy9YdLcAQ4i18>qis49;us$26V#{%-61CTWit?!^R0hSg#0 za5yYf$*n4h-81oZQ#@Az5?X^usg(Ep>t|ycXjls+NwA3VsZH)QEP5`A%c%MFEgjO! zmZFqr^c0pb{&T1>#Bww#4Xl~FA+BIgu%U^?8yLcZxxXLyD+$r9ms=#B_70OQ4Ru7F zK_U@9=hr>;=@8yn@F%!bzhgT$-4L_uqd4;xGELp!yJKQDwtN$$gV z3FrCDw+H?JAh`M3h`^|rv)|+ zj=*i}bZLy3^{I*v0t0caRm7zNGoCU{59dmy3w&EwN@_Qg$5^kgCQc=$W3P&xn%>g_ zoY09#PYQn2s;F=D`LEUYBr%A82AS27z<)VRD&|DgC`s@!|4Lcr{# zWO$!al{o3)0@-T5J-vZQv!JbFMSywoq3*X50Z+345qF~&O*ymapl<@(pJop1yWdTk zAKgeiTJ>p$7kMdLOWEB$0R+RNh;14GtN*jE^Mi2QWRjrCJDE1O9;8ql+$_FkXDs&w zJR0@4p09lu%2EYgd|dr)vzpz)8%VT1*eD<6+r4Wj8fqDJk{>C%opSI%C&rNUw)vYe zfKw{TDpp2~XQJkYf&VcLjj=$w;_M*uiY0%t-*=LySiP-AgmI!oNEz_O`tLw0%NU3Y zw}|A+>w2MB3r1curfrl9x8Pn(+HP1DxbKQ_qrcr@;a_roqoPJ>I4S$5Y5>=#*<~_ z7THqg(Y)xY9fymbIH}bJEpu0WAuAS)D?}NwL#1q-+*F}6M;UTE6(o7ZyW-!}TR2)7 z2TZn7C`;}VSca~wN6t9Z(&SMQ^526!ws=E4tPX2ZiYcM6A}Kw9aUEUj5YAuZd*5!xtrMKU!tCw{uGp z5!~dkszpxp{zWcP{z+GNdeK@VmmoQl*ykO&%2<{((!aeG+8A8osmj#M;T?tR(Gav9 zxhyIWr722zt`_epS>aWG_78o34c_Tz;SfK|48fbsvz4Z$(Rz!SF#r@=whr!QeMEF= zGAVRk2q#zF-nO~p?^k_nIM)KRfXMqR!y0A#FHz{)WG)0&KSY$)=N@#j+}<+#n{Ey< z8MxgRjGwEQ5RF@z1id&@+Q+jYR=aRmID-3yiNpY-%02^gNHyseKyOCJD`-FXmc-2r_f9F{poR^^yqfW_wJkCI%9o* zz=PDd+VdS`QTwEH%@uFEpmZlStT&ur?3~8aBu5h%+ojLg-mHWUP-h;mbR$)f-;k^( z2D#efs4(^45Ng=P1cMZqwW990tgqZ@RKzIb$d9Wxd^LocUCVOUI;|6!wFHjQo%nocD}?MX1h~g^fPMjvVK-+ z;eOOI!4>JxffltR@<>{3Rh`>0Uz4a!#Ey5-Z~qRwLFP`(R!lK!6Z}gZuJ`OVE7}41 zHEx#^)|92``|Vg?5~LZ0hl8QIh+1?Xye5sex#;d>9Wz;7-*(HyT-77ahR{cK_7u)dg)VLHxA9-c zt7*!CGkHZ zM9)FfA_S{$fhjuNO4+9aJ{_8r`KkQY)w|^0;e9y)<_sEab!G#&$@muD9s%1m%eznG z>U+Ps;c%Jd6E$b{nFcuuUK(1dy$%BJ$rl^r3;NTWaM4C_g%3b*GV@U%6i(fhQ@`#U z4|baYGOcleWNaU!9<}$z-~@~?K=-vD%zddNd&aKYxJ#F=@v=N`Q*eWDMy#ptX@RRE zKdtI5K^z`)*Pg_w@cH?#+@f84$)}%aR$IEu7VSI~!W5z(MKO8ycaa)>4^;fp4pue{ zb*b@BFPV%7(}n8>Pa{7Z_Kcj-V->!mWS;#w`6O$=_swRzTj{SvLX7re(_y@L%1E!F zMd6mWoaBN}9cgq7aOtcRdwJHSlw&Qf_U9K7tF4qZHKUmb6QGu$!hlF|bg^`)CO?_21j+HGL+1}KZx9|9+m zW0NlIn_to68s*LSPrjlA^^*aZ6VTN3h}(g*QH?BA zHl0@j=)YKEF_WOOHSpKr1wK}nRsB(pQIHgr7gL4H2j6`GgE|PQ&lU%J6#7@i1Uy=~ zMa!5b3g+%oQ|-&JP8k3vkO0w&jDNXE9Q2F8AL(D{Mi7`O?*E9md45xb3#LS0Ta%R~ z(;@$(gMq+=8ibr{uH)VM6hwzil5s59t6BH%QQru-(90~YsfEC zYQtwQU-(eIW8J~N;PB<$@(=F-yFc4GZaA9qTfeWS@99N!#q6?$nxrN|Guq>VnyGO{ zlu|PTV8^pLvJR{a`^{X@E^joWl5XSZ?mvv7Xx13w*4w=GX&}^;oITMgoN;tlTs~)< z`TTPz+wJ#&?mlZZM)_)Oa<0e%I}hI2810c+*JFTrk`u|Qc&(bJOjnU(;RYVsn85w) zSgY8q+0VeNy`d{%^B-e)qh`Gmhz@uA3a*SzH6;A4VuOvtI9K&C#u@ES;Ug=YWr@&j z4`YQ1IGwZ&KUED{-)}0ViY2j>d!0RD*aWyAfu-bRwz_GU*^F7blYNm>M`T{+mO63# zLvm&DPSS~IZQj$&F&xVx)LZ?W*452r{9*K3Ue!jxz``U;0%b2LK~Hfob@|u$xWqOh z3UXoZwC4EN$M!*cRamv-bh+lp%7SxI^8t(d(Z9km3K&x@AH_;KsMH#U-aLK{3>rIp zcTg-ezJQJMSFtJlp8^Q_q|nJN8qB^RjC_mGqf7TBCntx>e1OL1kBc$2iI~a4!>Xb| z7&)>HNd>X z)OvCqf2}f;SP9ex&Pfi`T>K)i9gQGRHqXedac}37rc2U(k%R_9?HC7)`rCRiHYWoI zvskH-X=^kq%X+m<2DAa^4X1G^G+!T;S5ceRw4(nyTo=x|&XQHa3(xtvTAzanH!!gl znWc247_sLy#t2RV%4`qOL!_kQ)@GNSdfs9Dxo_dkC(7LB7 zrf+&pT(%jr#~CqZGPFEmiM-}b(DZH$s_a-Gp{N@hK;Y!!QUK}4ZYgtHG^1YK7qWVw z_4vaL3rs9qG{RcB+0uURSFL`R+~qjhvgvp}-{!64r^AH@zWwW7c(-9^Te}3MZ8tou zbhh#ZUAp8aVm&cmg9Sc1Zbj*+J|46bMJN4Je^|=j*ubF>An1oK5qw0ns^f-0)n|5p zZu^}CJWhQYY!*K|dJ6gm zz^m+&mJQve748WTb?95asykYvJ3ku|VjpCSo1f5hvUA+vhhoi8Wv%U@LM;l`7hBsL zVs7HC7EdEf%QBRkS30$yAv{s#IqQ==V-;8jn*>7<_esBwv4>Q&WnCL>CX!^exka#c zQ1kzqG>oky^X!cdEA584o}^73y|-}2Tn{Cl^kwBKF&l2!Cy>mPm9vjd@EyaPiZM8i|^eTC>)I43xk^x)1#DCN(TrJDi*QLN0o$q1$UKn#e)EFcPhtFte#0X3<{_H z3qx8^(r`xX)!)G{5TXFTy$3px@f?5nz4HPo{1qy;|6&jjX-RczH zuGy%n(Ggmb`=2D$$0q{H?B+cWvo;G8+^Nu+esQ!^?GL0cdH++Xfj4X!0l+n_*9w z-4+s;xb3nuOPnK7iVq#QP>8ZeK{Sg^DjQIg$`zIx^KHSw2%4?t37;2312x|JE>q7c zjnzIgSH5zD^{>0$-7Q#VGgo!~f#%ny|Hh#H*jR{@Yt&mHXDEhmIf2b?j$2t z`1pt-UhXfdF?!!l6kL+?YC}nuuac%-vvgC;2kN%B@c$Qv2`At!dw4ooZEs?a9l;_fh`Hw3ik80c zVR~SSnq<_H4yUbcZw-^%)looHq$QhB!#*z0pMtBIa}v}Lq!IaB`-c?vI^_A$EnTd0MI4Q`cQ*VjQ&(Ht%TEN!1b$7?KKH~mBe>J)4lB<;H{OUva zzdhtJg)H`?yxr5gJ|=Tvl8_X%w8_Cz*3#Wo&%pxyIdc&s823vv(&DbOIs`DZq6zrK-?g&Z=idsu&+T1+F)w$pgn9+@Y0jyWL z;&+SPDz~oTUZ1Zy$0-N8a==V;b!bb~M>J&eGWkfn@xZ3XNu$L)ST6CY)U7p&_t!_} zq!wqf&Nw;he$U^S<3Y&@qptK*J}DYn*Rv(Oo3 zh$w~vs?wwOUN^vN==m-{ky-BiD>vDRV=e~2s<742MLvMa_6JNZiZotbDh_VeaaObF z^lItfleeAm152}%seO*gxxQWYrY9Qr=8LZuiuCJCD~;zD9Shy=ZaJy1sZG@$Ri~mg zp8;Q2Ujk_4b>O@NgTd2FM%)v}%?TeJPA1#$-Y4@dsnT`~%KtPdXnVB-0Ae+W@rW)v z-HTo9qtfX;|6Rhx**;-hb{=Kd8(%oIFRAC8m)}m&`A`EfrQ6Z*jDu=fA6m&zZ?T_? zFmcW3A1U%;A&&T#?}UaZ*4VJ;JSN0(>I5l}a%|&isZe2Iywt?*vdlTv3n|bahv^QB zmsF4XoAzcwgynm0Q;b_TIl)1D-HC|Wj#66`VBvg&1i65EgFlNZsD8*$uCA`3UPA26 zF%zPvM8Cp)nGnTfWSJKLYe*A?_pX8v0bu?S>1Ip$8K|iH;vy<#?5xF8S@fk#Y*$Qm zvxRQ`tcP9#5?V7XMO#`j9JV8d-BrZ7j%1^)<8krv-okB7m%pG#?T{m`AYHIcY1h16 zque%dYsLKo(lPHIANwt>w{ROf;ZHbvJ-bwN+Zs-(^$D$w|3zN~&fL;iy3i%9W;+=L zW?^;l>xI71lIcJfg9?1f1E>%|A9^eJY8okpd+_|iP{_yLt~!Xt#l`JeIW$;pS4oIP zq8oUHx2VC`fepjmzC0)&1k8cJ&7v?IVA`}_v0UOcGZ~7wW?d$uLfQM zZZ~JY;1{GRd#?n&{*CI8h0j|5 zrTJK$d}R8i-h`(GKG>M&2z$0Cr%MKxO?`*)jv@6>UZk1fS7-h86KlmK{CV+#?$kd; z)cP*_5=;XXR5;fFNzPxr*45H7oDT`?Tk^ooWrNhV^QD;mkzGlOG*$Rosho`m&QkpK zpd5{rEJq+7EyNe2yihQ1V)S346@|Bt=aafaD%JKC{%eXn@=5>m`<6*)imJBTN#0jd z&Ctccd{DvfC#>>tM%~J$!zdrE%b#yrVGd${0^Wb78p8fwb#hI>`Q0cTKbKJG@}^G^ z02)j(+wI^pz#2R0fqOaL;$6T0FUTi(fiq4PJ=_{Earp+^B*iQTl$VCb>0JWH6hN#ao~ppKIYg_gGB(b1^*e_Y+cKp`o!G?atykU0$}9ISn^uF?=7sA|{BB z;)^jN7mQ?QyxcGFL~W3gzur}+ww&=~d7vNS2d=`PWye~0So6_STx$WC_j5+#G7)qf zcnZ7|v3+~;klS}=OyU?`=1(SKF*kJ=(;RL`YrGNUiGx*@kYWTQrv^WGvgNiJNtMObg}z3JpR9Br4?yt=QxeKMTvuMhkj$8#6njFU{?fS)$v=B3 z*5_Vh*R4vo9iiZTI-^%GiT0L5uY8gFyzWI|Y`TKIxxS7skRzSa=70;DFP=s?=Rjxa zAbFELPxRIn5!0r#HIMLyfMgLseS}ZAGkJ$ zHlJ3=&UmWJjEPFd_`2eG!BF^|z`koS57VTpiv@u{WmrWNDCP|3@)^PLaeu{!?bYnI z1R_We9{Z+WslRfnJr#fYa%mKaccRa>O55Jq@h!z2COyEPagTQ3uUdj7N@q-!5PR(i z3${z6>*jzse5CRW&g^l;!nyc@4?BxJHFZi~$FP_Bf8M|~?I`pAGiM6tD-y~@SCCT5 zG?Xg}TVwt4-xMabo{Oi1OcBd z{Uno9u*tPzWU>+xvauZjO_Dd@Q z3?Hqp-_9O_koK8$P9YxVbh|$9WXdJ(+Fp9>Umm*gVskb=$kW(PPms4-Zw3EgxR@`W ztgcEMzxu>b*G{)tvVtvrqRm@bIo^l!1rgGlZgTCzG?e0Hu-YV+l$89i)Wj~s1elRk zk1*zK;TYoSG#_!!SzW9;O`QFu)=lXD>moj1v{$FszlQ8~nR?F;60Mwi`WJd$Dqa%Z zn^yWA({D1%UIOFQOrf-p&g8_>mA1Q?JcVoM?sV~y^6vfYf%JV^Vo#MrUu<+6Z?WBG zigE9Zy=h9yyQ0RP+g@ECcP1FsZ!OXnd18$VbhU$s4QJ6*OP|abtO8tzdkcH605UkeA5vI`riC{#65=k}%uVmwYjNx8&&?ThrHA(G|75w>Af2r54g3Ffa=u z7qCzb;RT`Gy0lUmVUaQLrw!8{$6@DqT{;btC~VdBT{RZd+S7;E+ZnJh&P-iGT=JPQ z(O0~;ZH!{#ws?E!feAQ|IJU|^UqYtvT!#`3rO{>PCjwiFZ+0o4n=3iE3{jfaDotNc zY9F(z!aZqFCH^N;%#F0d+vq_4X>k-R9^=4#tgalvmgmF5uleE>6%~M)KqW;{#Np8_ zNkrI42Ac)>zZyvd>1pNGShZwfTK3}EJ?Depwt-r0b@&?1L~?0}K$nqbBKW4Thg7r0 zbK6cTNy0GGbf6mrS)2~47bhh>qTNWIe79s@IP4VQUiL`Q_!Qprk1!W-clc+n92GQ$ zV7gM1?PR4Oq?D7BQxm;ks;bDHh%X+CwXYu$l}b;7wS0)nA)Cfv^rgVI5?z=N>6sD? zkC(ep6zH+Gor(Tjfg_A`eY{Cyp!Y~kUXTEF?QBd_8muvh`1}pT#+($^T54c`dSAIv z6ksx(rz{ApUNx0DslSzfKUjbdx;Vji-U1cWl!)GQ z01DcAbzTVzAD<4`Z0Tt7ppinfZ4Y>syRSFRNh&NPNog(uHg<&b9SHJ4n;c}IT*MI( z0F@`~ZS`fO`fk{ftB;OUr7nenbdml*fR(FOC*K`Sjg#a1oJXEEzyp_{!~lw-x55CW zc%zaXDiWVp2iO9w2jK|{^8oC9ww&B{DpdaI2exnbv3oc54-=hEjiAG)@%sb+0bdkI z&alO`Mib~MceZYYLE2Y&!I408F`3DSQgQ|W%NS%c^76$QZgQJjUPoDDo5mM8zyy^{NIg z=mHM#;}$&qom`di{jgj%DI4`^P4&SZ10dm*KKM_d%6@_Adc7E@8Ge(9tk&8ZC$8>u zzxRz7kf^89&Ax!7%mncF_cvON#1bwr5NZVm1&l<0KG)gRyKS^vwKKkku+!o4v>fkY zgmc{qx8*y73ku``W#nKEhm%RdTb{%(p_3cPc(i}FV^-S!H0PYM8{jG{3vC05boN01 zBx1MKW*i}e2JtEvbOls}WzUX_BLq@(ldADPCT)CZcf7i82hL8SYs!EzA-&@o{XX90#Kc4*|CM%CIxGeYrL?7E{_kDRhAIi` zaGxxXF8fJDe|6a&A<}5FK=nPFZN}8A07{7!K+~=NNUhn-QE4?-@F5S-iuOg8N)fC8 z8rLL00S%2*OAv`9=&io@-Gb_2=O^%AM84N&NPUKf5)2r-Ay0(&YiKF}Y_R-1&YNPi zUN>CgeZ9tjrjmpNYJ;km1RU#nR@p@bv>Z5opyj}&nc0wb9qV_ zfOF~nGCh?P^#wZ$uxMbwHfL9HFD0C-K*0B3z2R_lG2Ka8THXGdEwylW14=lbqhmwI z``gyIBwZK97OjpJ0O}*?Dw9K*45)Ua$+F^(MEfd&R5JN}FedBE4a=LL)}MO7g$?&6 zDJ}eI`~|nxMF8n+wzLc>v}szEru?jx@yXe=wRU#9_=p5RB1$v-S^2jG8Gf(O-snP} zvMvAu0gLFLW&=IAl!Qb)8c^rc3$mQJoDpiiOj$D9`!LP^&0~rCDYU)aqjl>H#K;-fivJpR0zNQeIvq?`FyB#cmQw!3{WK${zH5YbotitJrJ6g zy$bR>{&pt z(k>v~To*`pGHeQO;4QvF13u)HC|6ThWvg`|ZUX>zf~8EIHJ0UYH2UuIH6D2%<+Gym zLP*!mSGKBVW6*XVFA>hyFCuN!S2%jx|1>U*fF;l4+&A#kP4?9liTw@#`PkqsGGZuKHlCC+N7bxfeY>t^Vy74!gO|TKiPoBZzL{J9%+!#$W}I z)Tp4y6N!na=E$>!0&5FH-`?R7XjONQQ+|)Y1E~+dEgMapPL$MoTR*3EpvPa>TfHTwy&xR=L#TBE0+l9EsCIm zE)h)EtJ=DGeRAF&@pjSNk2Zvd{H01oM}Iy237j9u#8gkh&LU{R*hvM_YK4rWbRphg zc}Y~+$nl+(a70tgbu)IuEnf$_EzmL(P zQvzfHF9WF~{ZbZX2Y|hU11TYc^7=YewaSd`wp=Oxy4Y;&6cZZ|kobSm)_wkKae0nam6N;0 zGst+?why6ZYdWdOp;$FMWW0=5PQZ`MWDU`fkNWmaQRz0g=aoc!KILOoiw%L{qXw_; z<={>2*)Zpov~^8-2&R>v&ROL|w!HymPCM@=#>S()g2M;rt(YY5F0+F0-p)31KG-Z3 zblM!vNf2=Uk>=TYb<)T^&(A`0HU{=%zqbA^lE~Y^ThEHQJ6;iN@+?TXH9?eChxA_2*ZT&o1N_Tn?Jm8`WjAX7~=^KNYa@u2Y} z6P?QC7Zz4p-E;c_ve%=(k?DcnPkJO7>c;(NaandWCm9hqe1c#7>HcB@`hY`7c-({w zPIxh`_oP0f%SnsoWE@Vrp$2w`Rm_{mN9R?u1|s3ywr@LWo2rSPI)I8LXwBD>Waz-P zZZn7k4(OQDP7E!Gi%&|}!x<+NBW@A@AuJDaWAO=M8iRz=XoTT|Fz@a9;bY=GwKov{`HzM* z2zyKM7n{nTHMd2m5~b__M)%_p=u%xeJ}_|b>z9u66%QfWVbat&D_R;e{Ertd^L%tw>ehX%t!%jQRCxSod}byY^^y(49j}2I{*CaZ6!OgP)DD*`&Pd2u$#_3UF_j%0 zG97W&VKpBKi82xr5)EB!u$4S*Ni6n?>Uo48u`Sf%b>?@pt&Z%V-KE~MdDfVx-BhAP zGGp-v*g(2EE2Goy9~9J-sDCi|1%^iBk6y?ztQBto%=djkk|H-vmqqyy4^cqplo;k~ zS(w6@F&hxh_rTu+Zh@wph`{@)LOVpRFp3?gAigm3l^&Z-7Z@d#)pPW1bNu-ooU#0y~9uo5{-Jz1@>{I z&$a1t*)%k~NY2<$D}(ilc|YEdqWF_>m8Pt_M!NjcvMH=d{U}^HBXVqrXTBjGVb_G- zKo9nv?kbB-m@E>Dq?TTr>Gxl!@#0yUhT3&*k9^0Ac@5ejt>Bf`ra%^3BEqPEBF&@6 z-4IAzUVs1`-m;+gM_)gq$v#MFKnP7)tcrdOLKs=G%vfu85qtd;o+z$=x(sp0+f1@c<&NIhSg zD(|~2)?)`y>UG4S=2k?a5bzZ;n9A-apqOX1GGR?XK!CwV6NOlgEo3N?nrCY>8i>A)F(84fVSD!zc(d zPTziQV%$y@Q7>NcH@U%|7LcTr2WHqRQz#2OMo^(_4$ZpUcV*n*xx!b*W4v1|IsYDI3Oh_o*Gq!Q593LFKhLId_40j zyfCjrrGorHz+F@Pxzh|yFC*o%WP|A;_QPUlL6Y^Atdc9VO3Jf#WH zcYeITr9W&o=Cz6E%jC3smqRRTi$|zK1+RMmk3J%3j77T^Ku(6e%ORbKD~T6Vx4>CD z+;xSV@W9naCOKJYaEdu!_fmU(IQ3`sz$9`yonTjQw8;QKJdYRJ3BtM+yrO^;HJabq z82)HjC0Q943NL7AfTfpNqAelAg!rflN2qb#%~MB4Mz(@q=%l9ixq&+6na6G+S2`{MOjObuF@LrMlYed1KMO#Ep)JdFgE8h zl~kp@D*kf>uG{DA!xpv`kIg-n5C`?NKaDH_w$**z)iwXppZnfI5$HJ|apG6zhDYyYH%QOys;z@gUe*UCUFE{#yW|ja zJZ^2&yUkP1S6on2dwEfww5+*M7Y5gJ+7S&yP1;$1<(j?f=~(k5FZDA)cc+;>KScKi zU{xD_3`ge-eb~uBJe<+Wax-eOT5S^VXg;OC7<(yYbnc+X2SN6HK+29R%iqjGcT;kG zsPT56v6KS~?BRTr!0HO5NXq%HY`S6YRWE>yvdK4wkO7FCml3;hQ$|C9Ex)59?y@A}5`Y{OQ9 zW;62L$>!enMy%?gN<2aDWbJRc=j(yOiqCPNBjkw#q#X`Krh>xk{zeRXZ{kk_CBc1< zl%c4fJ)&1o@5hV%4XZLHQ#hvct85H-9?A`l8QVO?h}~rLG4NRPiaej5r8vQF{CCAs zq!`6=yF%w(&xalb8tywgz9fZ|s1w>A2pNzehxBKYS?r*N4v`%JT}8!(7>$|Ux7BCZ*T=T+jA)xWn$UG>Rj^MtG z(zD^pJH;C}h7jY1&%Y|PaB0u@m=of=2i70i92N^KJ>1R${u6m=_EywOJZue51}WR4 z^&YCr1y-PPHNF!Z4ViNIvV5dm%1j<3O1WO17yGnA0nq#4AA%3%{2zSvu@}p3P@j5! z@qrGf#4)-*phla=7X=vDA(HB0l(O56Pxp~-@kV}Nblff~o&Cnxlfl)k zX|r+QEcq{~%w=k_&U{=ab_{cGlFxpwSeePNZNskzwT;`gXV9d zUvAf%r9hi&KOQO^p_gIobJIdwpTw(X=;z!Iu&3XOqpE>BK&) zZ|)bSQPLT!B=SJ08EvqOAnp(Ibw0-2=V^?%6PIGCpM)Q|P<7l?j4JvW_Xu#J8IXCX z&O#u8#4ycHo#i@H!vkXo<*e8b*EwGwME;EK>0LlE5}EgRul;Ua@68fe4!q%^;)W zdZ<&7I~}OmhZ@RyTeDom;0g(V-l>3Z91}abwtlN^ZbV3&in|@&;*B6#vNT#5i@IHX zpW6R)a~YYMIRt%9?7W-lL$hy()y0#_8lBuq*^E`6%kljeqbA~J0I_rp$_ z(i|mr1(4&<4B&acA;&DgKG#zfBUXj^P)C1^LPK+jM;kJ!DhaZ92WZ7V$MDN5l10;d z4`z-xo;7E5{Pl#&U~=eSpL7)3A~N(BSN^X~)L+zp>|RjmgDvRFPeS+Hn{PU_-f8L< zEhVjwJ@@Jo@tJGOXGzJkjp_*LcrYu-ANX^N5MN;SMsx3qXm^?N4sj9PJKN`_ALdvP zUg`{*>^H^f`5-bt@n|u)_Ol%7cQ`QF6^)y{L-n&H;1j0C^7hB~>`-gETBmy=;2xjg z6d83HUmDd&^>_+k{wLr&GA~XXrGXBKf(P@@Udc8UnG~^=4(mVzBxq))FBd=l7gy?Q7v+A2gSl!+V)@f;Jsk;H3F z@_9*;RWPUmD1CWC$<>C>M5^)^ARh0Bs{f(fQmW~__46@ew@$6PeEhS}zyN2Z2Uqm7?pYKg~|P$IaF966?_V->3*5j+Onr$0x>RQgH8s8|xvN z{4T9711N9C4n(iifA=TGg}hhz=_g;;Da~@Ker~z?Ix;qFqhc=Q)21uU=~sldQOde# zpr$}9U`}1kf}7Hs zSjCTXzHnlZMA=~WS(MKJdWdw17Cy*6x&--IZO*17gzo1_t8%l(9^sXTgTL-_F*X-b zC-+dZB=Xh<90bLb?hs_Bzl9J{Fbvx4AJ7w?VvQ2{6=k_uRW zAG+{b#ny{uDV>}6vX?BZ{BsC2EK*eiGqnbI5CQu7${I(QasDfqQd#8@i0U{NFuM2C||FHQJa@MegVih$tW9DzfJc@tAyTWhdD%5#yqDaG5t zZ3v~>jLpYPd2Z{aQx*#u=&Ch)=tC16o_~B2}cHoNN8QOH6EBFl9YwQ@rjiTWeMSlAa{t2 z`~zOQMIn?5-hs3A&i#|fr`QR7vK`v(i%kG9!2%!=}d&QX00#KS@z%A%&MJn0h7KH zGx&)?RHVest)0XU-rn~s$f;Ebl3rGj%T3m)y{^Q_Q`IXq8?n+5@AMiuY6?*Xa)=8Q z$e8HJf2cGgL7Ia_{rA9Az>rZyg75>jOtAOM_dRDOIss$Hc-u4hwD7oVjf_i|BKT&- ze|4#)Pb%$r0-6o@XPSlS`6CKxA1i3RQRz2Ik-n~bO~|z1SPgB6WC_I} zNH(dKW)G}ge4R{2RjDRn(YLRnc*ejX@4@1%gWi_rO7a{fu^3xo8cLIHq_*#0%cxidzALd&4g-|@kb~nY+ z#p16k)w;r7O&>XF9F(~1bPm%lmGj?2>4Cb1`;u8Uc5UQGLWGl{MA4u@qKD1L;~$-y&j*n8Kj#oNamo;Gky{;_Zy@t zakmDHlOYnMs~hI#dqp;gMRqkW#Dy>mzlgzhVR8PnW(mh$BUU+ILf{P!5L+#Q*?_&h zy^9@g_}!NF;S^w=R7NgtB~3k0>@wrG#bL#mLT^4tj_;GNCXsUd^G>Ed$hTANsk@wKM-|8g}d1Uu8EHKdOGH* z*+|tk-?ucd6uN?CSgiGOGyOdxQKk*^hTaWxF(E9>0p80cE8X4P-Rr5YSl_`uj0=q* zei81tu23qX(fINoqoB~6G!*USNP}KKN`uY7$di-v%^RgFo>kkHQTArH;!qoURs8xx z9;s`qIiSaUKe?lRy1g4I$$LCn$BW3h)vIn*yk1PzN83$`O^7Q9`mGtA`^X&3Cq1iM ztB$FHjCdsZps7E{8hnAM#93Qv0`2Eo5okZ3s3_d|P+AzE5XlYv+rua^6LI)EC}KWz zduz%@lU+7wOI&`R#sT_|d(KhG_5uovO-?YakZa48A(S6rv#+tszYA)vlyu(iFD>i^ zRwr&JOWQj><9z??7j?SKq!b|(!XwbEKhXXIJ{*Q6Zem^(p)7aN<}d_U3-CiBW&NSW zyjJ(`rz9=R(MX%At=Mgk|N)7QQD(T7CEU?LMmuWwU_SRX=rwY|mEcAtcmE0#0QH(^o$YZC7~PYxa~$@l2aPc{$HMl33z$14b_-u__eVl0rDe@f ztr_k(S3T77gW;<+d_%!|P{(vb|HGxW$)V&*$Ht29Ra7v0Wo2B(K%3IEd#yQ&_70Q; z24fDTO)-jdDP_ftGTt4UG&dSo9Uq^m480t2SN!=hz#)mH5S5TV(PseL=ypsb(>TL% z@sJG6YYcDwo`}%?)pjY9)?CLF-}VkWI?CKO(^Dh0WvvsG!5&)oV-{_hceDGB6TKo$O1rV!b*Pt2q?w zHicdqhZ@@7BR!-xXD$%lMaC~|n^p-r%La9B^@!%7VqTUsvRJrM2bXGE7C6XK5td5k>r9q$nrTHWVtMlu>VXTWq zVX)Ke4NeIcntYrLV+m)G4dVs=e59~MY2No1`S?`oxbq(Ipi~BA@AXu|S$IrzO7oJh z-9a_=#}AH#fweS4qYT)~okz+$(12)4zgL2uNOtnOS~~84?Z9l*b@jreaRsdF2Slr<1J+x-SacTq|rl2Xt;*>SQ zS+6M_CS~z?SY`cMS>!|71s)8ih``JB2b0nA_9j`o0D-f#LE_U3Ov?Ue`xW2i%+POd zehq<#0~;~%kpm6`G5iFwGTL{;*8ffiZUiSD|7zyRt(N!Q%QjKwL_UXX(a(CS4`R2P z{*}Qa?9^K{@m7KuYxQU$EEkC93Uwxy&0+e;E%jP^{8&ce1_0_~R*XYI^`wj&t9{sB zu6#W87;$TK%F@?GwIhHv_21u^`Eczl6Ph0ppk%_TcQR2PF&!sK*=J?g>LPK83}dEKE=r@(DqKleT3aNx z;BCueI?`Y-=w?vz3Tx6Sww+!#`+migR}pL`0B~w%9=70Uyf}VQY)w# z8GnW~qx@@%#$kfq-Vr1pfIBT!cE$VGO41oz0phZF66Tq#l0hQ#pWK2}M$l*epmnm6 zPJQj)S4xWdsM>xhY2sA$VkNpW|6>*_HCfv2yaQl15tQYqpg&t>$%?tnnvv0T$+DJ- z?65iIRU;1?cBmSmk{bBZnTyWjxaC+9owZN#2pbb2NyDgFkDERtiLohpKX?Cd6U^8p zp6uNXN=t*MfN*%RBj~Z0cah)mu_I9OWrytllD9wlMh#|hXnDum&z%yp(Ihg0n-G%G zZOm)M_(Z(+Vs2TaxikgzKzcwVNXmoxzVkcj)k>^Fy-b*pG~0N%w-2F0A(9rv?i)y< z8z!C_Gd_Rp6K;|&HwjIAWL)F0XT$G0`dn!) zPj;GcQ*Zl&k&gaPFj96UECD#?jm+6L_T>rvqDlaDpui%HaIH{)#VfC7!AN&y>^Rc&Kai0u>3VI{V7*g}$WP z)D?LYHjyC21EWz=t6;azeZdOuakO~<;MNj`(?0e>LfFz(y9Z+pJPUvgCTv?=idB%b zCsJH69PvO=RCgJB_UpX9 z^pml3h7o@tr5I%Nv0NWXg@hX-@$_r`x&TNegr^o2%8~xCL?Y_`SSScCvD4pdyYr>d zX&Z{IPS(#0ZYegP9`gat-)4q0r=aV)Mtn4s0q6Js2`SKQ^5Lxh+AlK4W~qaOr|*wj zF;(T>IHbRTKl>Xqd;xZ)ZO@m%`f-3YRYwl#DueAmp(#jBbDJPp3x|5I0!S!+g!5H< zywl}8;y4jIulGFl!wy@&f}orz-b9kIMb^}TnDC#?3tYZl6~r~xMwp=-E{yKmm!&3e zllUsuB3*OnvzT7Q`sed`QH8~S$JL)tSpKU$a?X4>`)?!#Mm3RsC)sM|r~W_pqV8*= z^@#NpPl}2Ck5@+qPLfJKgO4D|#gT14ZllME8%B!(5cN9G&KEdTZfQ^|o&i!aQhkq+ z;2|aJe5+)i zlip&QE$0MyzFs}pLHbsJ_z#0qLO!D@{^+zgMHcw0Q$jm`Awj{Y0nS~l0g8=yON0}H zNC*6|!Km<^Q>ucKPTl|20(fGaVJ#Tf6wohFczMWAGC3O?3bl~wBie!mBpi;=b?MN~ zEZ?>BqQ8sp1q*D5Cpr-{4U&1a`z2Ye7v+?k)=k@9QX@7M@mkT#55Q*T^|ibAv#MWT z#E?lWgYO4%e#H)SKlBQa$Udd~#mk~jAcIX39$y6OJd5$OC`LFXLu$iBft;;hEs4EH zxgWw0L;BZ3!V8O;-zPC!k1J&SU;Noy4=ks{sTme`em67`doYxR2ijbbp0eMV+h4Nn zO`<9f#24<5X!)UG#@%Q0i8VWRH;&cwJ)WycXh!FG5Q^#HaQy6R`oXi-r{DNpjJXmC z$Ls=(FFnqvnnfZxQE{Nlir$9}3^Y+X#4M_d>W-)VgC&l2F+m0^Rhy&5 zIum{*TwqZomJaDxSpIDqs_;aGasMghW0e>|@g&ZRghd*WON1K~){Nn~r4<))D`I*@ zB$Z5p<>HU{eq@_XA2+O?wo-?;pE9(91MU|> z{2T{6)ca4L{LpA@VCQzsHm8qPBrCG4!(@YX@ACR6B_~1s7=fyxXu3DIWrHN4fvIL+ zOsJ5M1P*atQR>6iaev{;b5}N>#~TR3`-|NehW40fP;B~KtOa8U*Tb)4KjL!*Q(OzR zgiq%Hl>tp(LGPLwohJyG@H=u8-M%>Fozt;HcxqtAFX2(U(Odc7&802ufcqr}hn5rN za6V{23!n9J!#H9dyGt~ixhy(g>q?zhj%TxH)`XwL9B5bI4ixO`eYvslQv5z<5X4(5 zc~N2NyZ7aC9^?*{@KNGZu(t(v-xKED1#^kudh>g~Y%X8mn=``=M&gNcorR*7LY>ua@TkL)xwJ zG!CZHvE;eP@rs9p+|!ID3nX#t3`a$}JpOtWI0>ww<`qp=Yqp-0)kQiQ#|cWaU#_f= zEk2*49+A6J4-VvqDF|AQ`nCSyGQ>|*&}Ls<8?oLcogFVzTiE|Gfg`YN(dxqBPotQ? z3g4AEXaRz{}4-|O-BCvVsFg@-YNR0Zb~ zUQqRx5*Dv}?zt%akB{eyKBowwgmCzUWY3b{(aEr}0|>k?D$W-?G*6o>!rl+{ko&E= zAI(;!8yJvRY{Z_}Gwa;ZgAhx1R%JM|~o? z-d_%*V1IcPy}d8ELo8gFPu-Cwy6y`uePv~c+f|K%0b{6u723c{3HR2`IOY6F`Z)?! zvjZ**12}mmZay$h&6M5Y_ltYSKpMpT(XDdW73t^EXO8p4&!>Td>h`*E=pS3$C+t_o z>HH51 zcUQ@arq)j_HPfOFaO$VS&<`K)J-x6|7h;1cwk#JH#_9P-Z*$NlZnQP9z|bxXX{AD$ zzy7LTR^%`C7!6((T&VN@0CBsGV;_>563&$0)g_iSEl>VOLeVp9!eLr&mQZHCG>Myg z+7PEq519h1W-vaVOx1KRr16tV9QH8p3Re-pU_H?f^}h0-0pFL(t{YO^s7VTXtUE70 zK1$veK2Jq|9E}I5zkQYHEzPUUE~Am0Y(g|8PTY1LeT@Aw=*W^Q-MhX^|9*C$(I)@H zJ1G;>aD%MUan3MEnap)-7ONXcygh!h;z*^MWH@(p)oN$88mg_WWu<0gte~ju4<^8M z-WhWKfH>JGz->#O`^aurc*_vo`_PsEtJgG4oZN1}IpogMK%!`win-Hc;UgMv!&gdV9WtAkR-CVdE;;$4v`rPOZgCw$w5AhK zur-JmX61nfxfxaA?N?y-*1-cDVDg>T4@$;j&OM%=7!Km^2SgkNG6YE5o4<8>5>o5&zpP^Ak3fbFIna34y$IYv@dvE3Fy^rU%H;xnL;dDiv!w`}H zNJ}Kz{te^@;0{YnDFMQPeZKn*3KSzKhnY=83-`D9)Fipfq<` zgy1J6Z@KM3;|re!Ni~BBz-Z$q23xk*ltVqa;TTbLg_KIDUJ1qf?<@--$;-mFb~C@Ve@)x5e>J;E=fZ>28W_YDptN+|Osa|`k=hlm8u_RG`FMBf z4tAUWS5iHY!wFtHoct<88sQPJ6w+rL703@9Zq*=QQIN3vA94!@JF@t5T6$8MEWnd6sFap7#l&Z!o~s5+o$2J z&TpUm2NoE=M(-4wQi72p>dDDg<7LJDI53#8qq4boBB3PQ$xFkA;7Mr7h}&T&@HXOL zmeuv^K4gnfMbnmS41!T(kZ-jJ%@+sJDH(~wZ0Z+qe;+VM6wNSjhVp}wS};7NW0s6} zrBwqXf-Z_C32EPwlQ&#VqQj_o7SBiy7qcIw$-rH0763RUFiso_r)=J0BQroaM&hwU zjqSYCOXKkJ0-1w<>zQ*NoiM-m-XtB!d1y~ty%XB%s z#o=m+S*aY#21yII=;39>u@twoqT!o0okPrG`$Lu6;UZx;?)*}-SZ^x23C+qs+s1B_ z=cdxz26K&FcNwQyB15MPus{V`tmVApnO;^9h;p9|{n2dB?OPJIbS~Hmaiv@9a||in z-{tcZaeH;ORLyF~9RU>(haBbi+!AR_*7-uVIw>#Di^z|JR?aDl)Y&P1w}Q0H!7lIe zXqs5La-$R^b?r83+md8pq7b5MV4Gk$y8uHqN=JMqZ6ilfDfM|-(HFSl6x$VAYJUzx zz&zlvc}_`hSs)FZcbp1^t)Jlvl`G!J3|e<3DD7&iXq&~B6RkJ&wlGGrJ@Von4J^~N zpaYGdYEad(dI(C++6pe|aOLl1KSh?1Lin{mydYul*D_jJlv1!p|I{oRAok*B3e9N^ zuHg9B+O1#>#1~bW99ofiw$C@J#RtrZv;u&Ih^6ha#zg{v6^{>TSZ;ZUEfT+KbHM{O zSe20P6T=+L&4T^HA7hV-3~S|i@Wk@reBiH=zIiZ7Zq5z1z*_*w7ElC;-O~;ajRikg z=90aQ<`VYD5>fRS7ZhDt!Fv`YBp~l_>;SvU2SFWaEtRNM02bfGBFpRjvuQNHvOwP= zdxjA~w30Gr2ji!tna8WHhhUoLLl|h-AMsz$KGh?~Gkb_QN9o3t)J%$t6`%6SK2Mbm zSJU#@Zl4%r)PgIWa|OWn_)`w0#-Gxx5u@|Xomt}d<;iHQ)sz)Z16#q3uRE0s#d5#{ z!lj_Jww0p#TU7abF*T_dm5xM*6`ZqGv5}cZ^JoMr+Cc z>dfaL)SK=#_s41A{oCW*@3sEFJ+m#u!6fyY~?qwdlT|LE@)p&i=&7|Gh8 zkRHkLe(yS8uf+{Kr^VuOY^l#Esd+8w(-ChW(rmHK*3dVsf`+@nE21;X>H5f(a2TjkUMm%e!DG@9iNvuE zrFmjn`i7LM1o?dQtNK+eRRFMHTC8c9+-QKHh|`s02U@oFx~%T5SJOGXg;~5#_YA%t zc-0m`URAo?UH2Drx9}<@y*GQ@5XYGzOutYzgpb~XIPkD`|F0)L! z7`MCs4z@zcQS#LIxxe~^sYn{_hYwW*a(my>LjH;+Kn>C*w%;7xV z606R~M#$aeQgkb>vgd?27^}!{iKdvwv&ql)s`yjOLE^4?Ra_J4)~*1)B=z~z!=`Lp z-{%-Cjt<>`fYZ^g4^N^ZbFw5U*;GD$w4bjxw>6HbHn&r6x#$Ha2}2DE0QH3@PV+z_ z13?J_l6K6YyKvCmiy-rt+rhZU^jr5`QRd+rgju7@;Xxtibg@dLHyjd&SCUdi1N8O6 zJIV@Su07_vG`=h??v+_R+~EU82K~OamSzO47aW$M(`~mAry%Rmd4jke?f)U@kpCuV z+%NP7KwXi7YCTz2%aEO@A^U6c`3(e_+)nd;s5J%I#;Mm|Cg>B2{wBUdE$_T6CKne+ z#Kk3z#$ZLrNUJCh5PwIk9vEM<{ls*KRvqKmXYl%nZjN60YQtL}fMg+XN4a~*w_0t{ zF`4ev6p6+mWM?lo*aXcw(COP6pfgf3Tdu9Y=`K18q!jO{sp+2JU*I4d$;9JEoZSDf zzVH04DA-LJ^#pqGd9APSt!6Lakj1juT==B2SgH0%r0q-;={`ZUozIT!_5=c#U03|A zZ<{{{=7md!BhpOD|E3zy^n}tZMwQ`p_ZUwm>=O|akN>>tB&-e7C_QC1zg2>tFiLGy zH>3n#a`Mdc{9BRi4UW)gy{4nlY-1VFq$O@*dG2-Eg96M6$Stn==i8zHtK#t;#A)s@ zTg}K7OlPIgXt%YmhsN#wt8-4&64vWK84(*DM0MB6(NR_yB=S+x$MxPdKYvz`#qmBT zPh_1%aWr03Z*NKsVu4By3Su)~DOV1jNL_T1_BaTX8<-`OL-Llw%c>yk5U0@I5RuN{ z#jf~n#sU=9p|C$>zHzx)LMM#Rx42(a^k}paYc3bt%c&GcafQOqaY zfnGdrSJv)(x?e$XCh$JEU(_G3a8BwHWUpR1T=r5+l^W#P`Xsn9MQ0K$mUGyphE-+& zxm1{TS9PL={ECX@6XE|bP3l{K@%Ndkq9RTl>A1=J-0a%&n=qDleBliX2J|@bOQl_$ zCde)}ARJbh4^E_33@iRVs|oI*E}5n1={Vf+$0w(seWy8A*o{cYNTAa7dJL!1d2S2} z3X#|X{xLW`y@eueo(*s+K!8i1S_51h5Xkx@>5tjEqv_n_CF?b1zDR;ru`0ptCNH#C zN|h158Hmw?LupK-{?$b>Y$oAX81#LH;z&b+mwb!g&WA}2)?4!He0Gg&XuzAfaNM_S zw;3$(xVpF}i={P?kM=f{gN^Pz!bR?psEA8-$qg2Z8jIrwX7_-$I7EO1ZJ;VuN(f{k zei2d_Ai|r^PnLC-M=bT)8+WwtWBZO&JmV`@)nii^ng?z|LC{!SpguuW6_w#xr^W(a zTuoi?d`&hhRGQ5p<8!zwf}>88I&)UEXcTw6pO0uO&8D$Z84jUbALmeFF;^PR;HF!^ z$(>ylayOby7KGopDtyoP>=uT3|C*Ybi45;lXe>6+t`7cxky?c#lyBSx9~GU6qw<>2;|j{9Axgd77!>D-SMT4@bbRhsQ; z3@E~=GlEG4yFl=ga2oCQ@b=8Jrnfz>V$-5t)hkhPsSbh)A1!>^_uXZ{qehk)p`^u}+Ry{=rB%Tj-OsP7XD#`HAHE`oHR*Nf&cl$i6m+b3y`f1;-R$f(+iG5g zW7d>yO-xeGHyy=da@h#i=QreU-KsusFP(?E*E`(9?k_f^F_<7I@?GXi*&lCFR@$s{ z2Zo5z2|TJ^v0h@VJ^C7pmCsBV@_gZLh6H2&i~PSc*D;30fc7H*F9h|g$Uz`^K#q{o zQ-3TEIp8@d1d>Iy+FiPpI{CezgTu@w>+A5X&UOpuH$9^KKA?YvE!maF(it3qY=v`} zM?T+4NcwhoN{HLzfquU?9*-Q+>N8ojT6K6&mYWui>%9e%!olh4`K(c0N4I?Z2GD{3 za{1Qi@cwMRZh2tnTffKcORqAO-A%MN44r~XEg%oWLho15YI&u<(&SBxcuU%=`-p*f zD9wcBd|8myZKrM`g&m!Tx0U&apH?2!g5*2$JM1|7lkEpI3OZ`&;84CVP}XYG>oG3; zR9>W=IypOVd~`%8bzoqdVVFrIQdV{%7y7qe%DocadeQcu(2#5njXT@b?Lp9)OKj1? zaC7wnFmRLYT^riwJ|q@YpliXjPS7i|tyJz*0nw#cIX0G-YzC_(L1Qg<>4%${K_^gw z!-)dc;RQzfUD^x5OXnw$dj#jTVI}~croYK0(cu1pQU3WmYdSDAc62sO?8d2o4kTxo ztFrOTt(Utn#+`0NY?`SXh4o1zq-B}EOMY`WJ$>a+KaZv9aNk=EXyyezCGsuMS?w2> zFE5%Q&G@I_Faj1bnZG}$Is`Lb{p(F z9vJT(8^BcQ%flSe#X}sU_72fX7VhmB``vx>6<<7|5ZDvV2T}=9fJuS}EF~p`nRST= zzF*@4Rg&i;_Ry}26abk5z1*)~ik#5lV%=|~_mvZ3R;N%gDJU8Wi&-r zSqwX3Rk1{EG~@j(vD72GCqjFh6q};36h!~CdW?voyEcSwA zMhFuF>$T0)Q_99%z2?u8#ll2Tuvc*osnau-b0#B);~t%sti6 z#DStDL^`59NAT(jxP)ep zlx-oS2CsIjss`(M0g_lua0PLJ$k14*T8Hf!NOpUQRW7o>`mgUfoVb=gfiYZmNyn8w za-bGu-}-nwaQ4?02H1wP8PlW{*Js@*!H1DLKfqSDNCe=Agbrly)yeoqQjaHk5 zJcJ|)(*gqV2UZLgH#sGs0`@C=LZO6D^sIU6%{;TH!X8pQAyC_wBnCI62P1RN5Hr>B zt60MMX4iP7%P_a7)Km{sa_uYPkII2yJ~0B3{I)xlRAUmHu8Pm2pKjI#dLZ{T>C4NMwelC5HnnI2+Ua~M?HO$^bUZCmb^lGY1+m50j()qVk6(dK16EkS2&$A z!yT?pRYGPWsbEmn&V!tBCcv|nBq20M9`Uh^)xyB_hIprxtXe*S)_ z{tuxf3dn}8-0C32y#?z@KHG!5oT&#izTeXjBb<8p&}x~3ANp}b6Lt0 z<@X^V;#dL`TN0SBwqJ!sVKRa~EC?*P#|Q~1?+8fN=O~+*l(^5SSXs{v3=1F*45k7j zQVCn5(#%v26WCiN8nXH9HaJ}_fDhy`zv^_@W&X;#hkJAW-HQ&LQ@d)qhLdwSSL;j( zy7D|yizJ^AK<4(yTO|Is!D3d)z+i8m%Io^}?pG1ma5TpR*g#=bd4ACckZGjawsHou33O@U|^~#X5G`gOoEq6yo|P3yjO|QJDx<; z%z`p|IBvT;D-4cfX6^v+RS_&sgB1B|bh3>$?>Bx)9S~7aL7{M$eDfV4wkc6*sq7F4 zD=-7<8a%awynadsAQ<}Ks+x=fj0XEe z9jKEs&aFVd?3_h+EHyMZHdi2kl(}9LSE_anJ2**V;$-B)Z)ZcJ<&GZDBjdU{IeHg1 zkh*Le5B`mssn^@IgX;5VGuWr8E2*QQEm|KNaw$o^v7FST06U+M!lW-{J;8O5cwfp#({!B#w7I1WX)twgf9H(%ID>e)727=$v>q%(H8)SfzP5ZYD@&= zH}XE5vP15K?~$bY{%3lKlLB)El%v}K0O>c#$}6^i;z%s^wFnaDW2qA@!zg33;+@IdaqlhGx9hhYop$gEy~hVclMe z=wP&{Ig98`rar{8B+wQE%cAK0XjlGz{c3(wzDL67v#bIVV7cWq?an((>&^&bi__uR z)^WR5I`Q$bxQlzRPXQhl@+ZSyXpEuh`o_MwG~=J1LwKvd#KB{_3cK_bZMG7Q zcGqYH_N{K8=ZIPSP`xlhfIU_je|N(NruUg^|W9zXYiD=iO2#f|3MeWYYwnpmK^=lU@)ph)O*^P?9Fl0jlI8sQL_4r!{lk+$QxoG4&HPWjC| zU;S^|V|-pT#*!*diz!6_d;zpSHcwHk{G!jz`HzIC?7(9rR_HFXx4b46Aq%u7_s>3J zP@RSNS;E&nTfg^@oku5Q!9qJO#cy#&x`WE+ek8sR?AVi0E?N=xvh%7?dCrFH}w-cJFe#eY8vr zHxIktlI6Rp3Vfw$I7go49Vh!2oqGH z>@F(Mm`dsif_rXQ+2#`w%$RS4Xgd(&|E74?`^{;AHwU$t2*;xit<@dREl2ws#^-Be zUJs`xR;yP0SkyjHNl^SdJ)We;ZD#AzajS|KMpitEXo7aIccTIfvrnpj6xa z34wMQo0#wq?})!Y-sF$L;k1UxLz6n8Qff=n@*F&+o+}a;OlNTq>HsdDjVVo9)4hct zX)ldncM`L0jRJixoz7xi$oTZXSZk!~B^yS7c0iS|wdR8O`)}1Lb#HiT1k=_R41{s{ z&k~W;BZ+}y9n#m1*D~aFoXuV!F-B0`T9Dr8I51>DYlrq1UifON6%KS8^f1>R+lM?S zbOo)s998BM1YL<^ORa=mT64n%E}m&@i@5AUuOU_R+Oyc%CNN%pODZPe%L_FkF`@yk zQ0$!!ryY?(iR^EDLwKjf5@$ywFqy@Kv1_R5byDuO#=u*jh5LSm#dPYjCta4$gg)*3tQ;4H?*GT zoh23zBS!+@UN8gt;1|wZ6lLW=%eev8pyC7h42TlMpG#;$2eb_9hw}BOyCQUY6qln6 z1HS}fVnV)53?oSk0Q`lXFwA2QZ1M{mH!Xm*_sjCJp_XJdrA))YF><~rY1vmt_P~Kj zDI@eUJLWy`>;Rphh!%gx2}G%|3@KESBy0}QYzBX=&@qX>w!gJ>@n+1|Z9~W3)Z2(@ z%h}5nd(Q|c^OGVC!?FY!?lfCU4cyG(vhW>bP|$w7G$<2=uof;YACNOEapdqPan3Xf`5+p+$lj5ZJ<7V zoTJO9e^Qjd|MEwi=%M5Zlg8p4;6jgIXJl4!kll+Ip#*D->hAEe4eTH@X-G zZVI%(#09|wyi-I80l9U{tU1B1R1peyX)VS%FGdZ#Q(C9)A>-b@YH02IRyXx{ePOjx zS9bCUW<;5XF?H@!`lWW~&{P1FG_M{PQZZW=IkeAa68;&F!^Zf;MGqj^K` zT?)wRAK>eKosnN*aaVuWT!iydR)qIOsWd#Fa1&eQy3HPS?l&xo7&$CJeunfzzs-0v zMnS$MXzw~^?40_k&A~;B7v1IQaA=6Zt5$Cic)|+xfU?g$H&i{_*RPac5iLlO6qUe{ z1^Q7f#!^KErH$5L5_-cab0rk7X{Ql{@S|wvRnDDnH7aU?E(B!^Y(N*VV>{#gvK2IB zX^gjD@RivQ;YjIg{>)0sE0V$;-3`& zBJChUFrbHwi)$-jiWr!<&v4q|IxUm%i+M3+WHaY5$!h#0cPyj2E+${!6VZGtmLWD( zG4#WE+2iW!$P!0Otc`K5KJUFc9!BmcT`oKG$931yQklIQ5P{FSb0|B_iK=8{d{ItO zHY#w*Zb6?|aO1rfLwK9G37o>jnU~!a5dlSZ8AieM(8zEutuTR$&|ky2C>2xgE;-?J z*JSUVKuKsSSgRv=1>cVY+pFIW(!$9fQUSOPfadCc^unp}fpZN%K(h)T41m$W1SZD| z`<0qNuNmF3IpI^gJ#FM1;=FgliIi!Q-mTO$Hm1&}AC@X7yo5h;;>Mu_ouIbO@=>Vp z@!bzARjL0Rt@+kNd@$U{sC1ik#OO+^Nc}iae5=vf?2Zam(}J5xJ!237E9_11O)x$a zTtK4!niH3Xp+wNJ_GQ>cZ}6w~rw!lMC4=Lt*`Dbr=xWqh>00lVj@LTThRHQdq9d(V z-5C52kq?HNeEcB1946;a%+J)AxehEnUStZ|AH`{}WDpc7vCYkpDIT9Eo>40)?Rd`M zv&Kpc^C#E(dLT**IvboBAAidtygSW;h5Ah!(m<1yz_nquh|T>@O=Tyha{@()G1DQQ z;d_`A-x=lATYgd-zc8$`J)5H7l$N_)t`ncdxgXpZXyp$S#Bhi?FZ}9N^OwW9!y61C z2>0aV0y^*eJd)B4u8*RSFkYaj3{}S!!>KZO2)-mNRhU)}ovcWPO2(b|fhT5Flano( zRfzjdwe_6{?O@?~1=M+HKvE)xkkU-+JeOT=Babdwi{hacOvqS$8y$?<3FWSRP(`<{7f1!mHwtsNQE2n|;B=T~ zu=j!aT!dVNWbs58PUlIZQgD#Ynh=r|L5sZJjZXvM$YX>62WGnw$QNcP(n(LchZ{4# z^2V;|tXV_UE_El^7-4}2708di-7jWSo>0?ylOE1w160TU#}_URiT*R*k}s>i{w_}S zrXl>4B!x6SBAmo3LzjA&k3d$J=dgomAH&*Ct82tiyzVr(>Evw{^@1LfHT(%AZrK^r z6$7^ym@eJZqlF)ahbq_mu2X(NMl_q*!i0MQ+tI`aQjyz{Vs#5jNvP91jxy1~6oyjD z%=c=&tPZlBQP@9eK6Ms(0xa^u&Y0)l$KHtjXNiD7fH9Cuvq6lCflS{h9>=BIU}yri zT*1km7RF26DeYO>BJmk#(+ZY5XK4R)xqFpvYw0C(BzgEhi?n{%a}GTo#a?LW zYyQkhc)1XwJ5oPWXMExbs~|Fs&M=r~C9^qy@8o2>%$TYnEV>D~Gt+T)-_ z>Lf?KUA5a*vdz3j;NcxS(KhQ|BkXFYL;KiVapl)j5|1e0L0=ggn6s>?98UPH20{r7 zq?K;)K^WA<$}1p_jzJdpW7uGOco=Lr8wv+io#yX)G7;`@3(#+8_@ZDFK}zb#6J|7H zEYcf7b^HF!;V3B_jz6vl>4pU^84ayS(pU|pg&1xWOADergh2L_0wVrkvG~jCudz@|kSWNN zbw^2r;Wu9shOm5zAl7LXr!s9~&^!^|66L`Ge6=wBV;)?16Wd%d$=PqKPlo2x;-rd;N8rJ{OPy*O9 zfq^|*Ex)mS|23@q?_1V4G_sVx42ArEh-&|ruNEE<7kc3S?}z_=V?zP_QzlrEQt|&i zM?l%rck9akb+96!cj82et&!pXz7jI9v|`c!Ig)RY4~Shdowl(O>u=M7B06|to&`WO z|1|)3YGRECZ1sPI^gqMz5qeA)e@VbdBs7O~Pe|CBaNcZc1j|I? zN41dsT{U3W=Y6c*X|fEv$MORg<&IN>$i-@&IiI3#Q06hGQq z>Qd#O%GmJReQM)XD&ZHshKUF ziwPAy2+yK#G$qIR zJ7Qd;#9+|i7Wbbmk-mhq<_q~Tpe&CGUI}uaX4{HX*j>4%pL;65LP^TZj!Ba$pZ&8{nmp^H^DaE67U&M zVn>=GzK_#jjm1TZGVsyd5m7esIpmMY)fVZdi(Y6bto;NfpV7u>D5IwKcopkJZHy)m zO;AFLoD|ZKR4{bh-#=7pbwl1qWIF_6MS9jxSA>LJr2nHkFo#4@g6s7tz_FO@(*Hid zJ22i;8gY2h8u^Sl(jT~R^FWSROCheXV>$}yNU2!W;erb@8>BGlxozYYL8LpCoHHLl z1X^D5@YntV<6aY>J}t_CI`Jk&fJY~RT_l8@z5Yz!=b-BTT)5O|O9E-Dnptp(CRLjj zl{Fa278WQ+(V^trU>I6q&sr#pbTKUa^rD@Y4-qqqWT94qk>4MZ-tG zL3;P7hVnE}`GG}R>2gVhj3wt@tio5bNvPjmB$_z`1}fx!H!bFUsX&0VjEbMfR!PVA zQz8*lvTt2>b-&c&i(l1h?00USN15U^kJaP!O2|%YV zN8?c= zL(XooI7Uvz=-jMJD(se}jH0kPF& z0|$4;XXKs?HwYd}%&m@~HZzUNPhvuR)urifqEc7n#Boh*XR4&?hdV=}OR1$QmEvX2 z2%wxa1p~)}{S+l}*PTvJ6dEG>P{#e^Sn&jyZj=8yXf?j8`>48A+TUCT3FAM;k&NF= zZxTYEM3SlQq=w<EP|TZeV)OzUd+ z{NN!n{V5>Kl#$iJDwZO`BpZ(vmu((rD>^l58arcUQ`a^%8e`l4v}g}vqqxea6bK9P zEdk-fL-_Nt)E#wwF?#Jy7@05#nuMh9`#Lc&Zn<_jPCdPuJb&KhJb6!d*2kb-SQ~gydtl6-{G|Pu2Hfxdw zk?;da#QlK?!3ey*&r;F7?U9`j%=RmX3o%?aY8EJ;urxJjy$B2^RK0) zb?O0>640eNOIb+3hI&>BZTT$3J&NoFD?9ouspK&P7L{ef+(F~q5^@%yaMNb zd16?X_GJ8mOF`v0O2^m|4vhzaWNulLyy|JYW+W2B{rby zDD-k2SMjYZEzA;!I3~N~wodD&Kc2_tM9Nk-k>k3nJu$sxL5Q|9fdaj}?sjw#Auxc8 z=FOKdw^M0V(~U3burbR6nwo3MQ$GzAjE>2}Xs)~xVU@S?EzpjF-cyRlPX!i(CENcR zrO+%N-$I&WTXbbHl3OdUKGaKYFAXlHt2ZMLrJ`* zXQlVDp*8UXM3(SFl~Tp=5(U901gcO=kLW7Lp43lov#GR9jJ~o|sy>_xYKeX=IIPyT zJeA5QvCD=MIyjVt%iQ1CIjwKL51b}i$2z6RyihSHMG7Usa!?4#daBoF_{{Q2NJBrH z34bOlJt7)8aReV*co9yB&omn_{pdxFMz&2#5O-&IozSW>+`3$-+#`-EQ1hwVv4eZD zVVjDg6~l9Ykkb>HYTOp{U;yr3D1KfsntdzqmVL24gnz0~g*`1qcFZA+=E zXq%FCKj)=n6++p&6QNS}+%#H9jIbmvn`P%z`X)T0gsx-S)n^WBR zrWzrpDwfktr=^WW;>t4GSvlQgoyVvS%&K`}QY9$+(@;KxheI_D^>0F4US$$os((Am zd@Lu-Ykw-nrRLt#rg(hg$0#(0z<}N52pJEj^3c3gmg*3`(ol=Znq~TtBPTtqXaz#@i^eJwk0B zbQU>+rUCmD7}4%S9DTdDQU;)Uq`-jS!P(nb7Nl7H2O>>Zp-{;rEyFHC?=O{JX{Sf& z{{22pkw46&@~UO>z~vxkMdmLKCmX~L={!>{ZhpTMr(MPBOIk_NSX2mPUF|ChA$-Aq zR<_KSPiIHusOpQiO?1`^$*>U)2h&gSR^W;I+~X4NSB`_19WaR81+k2mH&YZ@s1|C_ z8!Fqq%9O`gsuW7fvYccbZdMj$4-LR*Bh8#Gy5=V$9BJV$v`f5x9;#b0g{2`oyyMx_d zNbETYziCOQMpDz4SA|J#CtO;wid-U5g4D$P0Ha0xKp2^{Rwy97MES0Ys43+1fbUc? z7JQ)(?puEx1n9yzR))gZYt-wa;Vm=VHdt-2u7^#WMv$n#_o%2pDzt{f4)x1laT9{uua#)=NxBQ z7$cod9xX}EaFC3S4#OFS15>*`tI(V{^1TpEehsYLXyHuCN+(tH;Zm!6CH~DTmAiK` zk58XL-h;rsU(ev000apN@Oq4L29>fP{)lqQpuCcm|MtoTNC(FvR9!N)YwhV7Y)p95 zojbKb^(CG{aX+FyEE9ot!q+$ zc*Z!Hr&%p;f&Y!D1&#OHm70!KJ@dxR#jss&Zah_0rzqA{&YZdfFCA&fg-+QiH5%Xf zkiO0F`Ki*WqYr9apfhh@|2C@Bs8nh~`fP=^^pPYLEpucHvny<@NOX-2{A=P$?HUC# zC{u7B)>I+`j^bhf!Rj2rFh=N;%? z4dj*(QL+f`=C6S&QeIZu2SSJToV;eoAUU=o0mB{aGf*E_va)nYin+)GqG+CwgPX~> zrjg<4bEdc5M1v?G_P62SF}fwo_L91JT-y&$<(+XL2)=&@u;K}9ojAL_jY}54*2h^F zM@40?7WA6>ha$4Mdq_xSCKH_+)t1eGmg|HMZo@A{#bo@4GY6Xr&DttpOi%_Le< ziXNo%z~%$`Oc5a%0QZRZ!`P8%Tc)Qi{oy9QzSpLViWya0ZC|eBk1R=nDFSoXLuBCX zGqtXybTW6D(@hXn>*?l|xQ0$Z|JDrF{tjG8cs5}Tw^I1CblN71z`(c|z5u-c*SfED z+@$U*wRY1z8~fKG0)vV$N#y`8SFLsmk8TMnW&5bbSaRS&1N)DtuZmO?>`cRl)j=11 zb4R5^sBVZJ3T-+L`3)4M6K8ol?`AJ~>c}s33n7!NS7OssCbj`0AN+G#+c?==>O@zZ zO%sg(6i#v9tQ|I6u=zXoU~OOD4(#a*fHm%dl+$}X?C&I+@dlwV(@Pfm8&eaI#4fqG zbzTU@89j}6N^pH-g(3i-r}^nDxA}R*0&`m%IiZhKZ&aIdlHnHb9{%l5d8(hdNT7x0C)w`;MvQ9R&)I8|<95b}+N~fTfp!?3Q%q(pk$#6bvW)MkMUwMR z$`j8=!k23!v*w6~rCj?ddr8NRDUbbW1V*S3P4;Rr%Hw`vt0}D`dX8D0G9i8kzOw8v z1pZX8OGeB&wb{I3cceo|vDvT7K)ux-*CYedmoMy1toxQbdHe9wbMkP)Cp@8~qByPp z4G0MNP+W*#sV$E$&*#w~-K$`!I;F5IJ5I4-!-k2)dHt(rH$4uKkmdEPweaN86IA*E zH@Onkcrt)?Cl*eK&g5a2kXd-N@ve9E&-cz zF!6kg{ORL6=!C}t;UT#Qmoc5YX5YF8; zjR{s1Hzu#!>(&TrIBAuFhd2W@=c<%ogi4gQnDB0)PRoCCDyUG6a7aCw;WIv|psu(` zMX5{9x`kl7)!1iWcF1|6>RTxULS!ce@RPBSm~aICK#<4LPCel)D>uT~!^N=Kn*A_H z=JqLFE#v$BSs(QV!_vqgkj5XTZ_<~;<5xHr^P%vcsV5$HAz+K9VpW|hVINTW(2}Z~ zGeTuE2VnRO-YCymeHjmj-kHqluJt8Ub)q|a=-1Y>3nIBxRP!Af^Z`OoT_zIvQ?h9( zy<`r$J?*u$%&a;hxtYX`P!tDZ(N9V`Q`&m;0fZT=<7=frDbliFDhg}zXT}Y0#GV|y zHiZ6S1bqI##Z?0hPijHoN432?$}4?ZB~D?Type(-`Y4!2fdA#~LO}Lr+lF1Uua)z| z#cs8!{0b>e!}817*6%#TYJBevoykm|pSO>1f=MCMRH;Nx`d3u0v`l!_7ZH9V=+%?) z@cLzQvTtZER1y&fhqGoQvzVzDe2w*o7kch(sA4?8bk+c4JJ*l|sKR?|CtQJvUb)FD zB&+ySJ-jnqQul}WR9JlYorAM8Y5RCkP20LC2+<5T$fJAVWn*ulxF2X6LEe*8SVrR1 zvR^{=DaS?Vwfcid@cD-P)vSeT^_lILo7-{5BZR2Ht{M>fq~2QGjew+){l!lw*}F;dq_veVm09s-ueAujvXSby%}U-UhDcHD2}V2dzm8d5+$gf+aCc_gGey1~B_F2_B z$DfvSdf%ua;sL9IAg5JxJ;#6wNaP6y>-IibIoxJpNv~t?xmu*~fiH&e4E@_Lf~sS7 z8_c|5j6)@?pb_eCiF7c!2F+9tBLOz4R9@B@LEx4Z^m zmsuy*=v1YsJxoHUKnvYd1t?6lkmx2bQ!B`J?0heWiiqcb4Y2XhxPTfa2rP(NIymYO zsP?GQWW~>7W!v%%G%;)iCLU#(%v{ri3RhQ;S^9qvUcj|_ioo2T30n1i)33y#Or!=+ z=tCCU!z1+!M(440(S8qWMyUQ?1>R!tk??WpAA7{yyn-R+$2Gh&6v@TWb*_Se5tAlm zy#Fi|e29-V4$XfcGBI%JyjrICYe^d$&!c3)F9fngT}Qd#Vevu=;R6B)vJNvWhiN>& z;ww7m)D>QS6`IPVSBva<&Y|C2`|Vu%8YNN6y!9;umlBJ|J5UJzjx=(Si(^NRg*AZGkUfa6`YFG{OdgA8_&1q@+8+ASAICs6_*+e zYtv-BmC7I)dfy5~Ba2cL%pMt~I|-?Q{aFqt1Y59ekfwRR5?FcGk4~zpPV9fvC~B?N z-kuL7R~^rYRFa3^Q~OOOPZ&ARH2Tz&XvJ{2E(K;i&Aoc|?EHZcorWR8l|k$G#gmS} z=mr}E>hT+}C^{~^?rrg+dD5jW*6Q{ShYv3fZm#u7HJk)*UDk1{W2oi}$yNBqaX+njqfL*6JtuM%Y|W+S;zSgR_x>k zNxYsK@Mii`vhyU7h9n>Pv?~AAOHx~$u!Gm~cO1ea@0V zcX-I4aK2Cq4=xT*s8DmD;dV^N%VAIW^ITAZSiq0GuZ2kMj^z&iIbj*h(#<%DW5Ef3|N9>$QclZAN=U#9MMXrvNi=} znB=cIAReYl2|yIn2=MfUk8}3hJ0w77iV|8^kF0?Lr!m0Q8)TJsy6let&%_5f%myIX z4$0JKK?YEjti1ONo7?}aG#x@udHZ)JkZ5KP0_zI*N7w69W6iKOL=HS;9A6C)ACyT= z$2pg|E$H05)uxL*CuAJZe=omWP_y29B;<Cp%j%KaMOj|#vfxv!LE9nVQ)-c4w9IzFG5aa{>P!NB)J*6#SxMAGprc1NrSyNS1} zZrbk8hZ^I5fAwQ7+-?A0)1jcGJV5Jy4vxZNpEK6Qvt_Z}q*~VX?c}iGbOMfD2a*3=MIBzhC#mjRPd5w6?a+20h$x z-J%YK!%gvh-@`q0gP8pMc#||RDA;ogQ<2o$^!@rM!Isn$$kOq;85FtS@Vx4bF}&W* zwCzG@hz+<|cir+nbS`@LhYwZj{CHd=G#119`TZ+7iTf$;YZDj%*3DlJ;ds6@R?BHt zSV32p)^e%Ro@s4!lg76Dqsjg2^{giHPGiH^*tpL5OvMo^rg^Mfxne?zsig46?X0S~ zQk!NP1qJ1{ANNx(AtAx&W_K_lK7Oa}YY9#_hLYV0d^-}i&{FUSYA8m6#Eg@{J=0^qNUmCnr(OT>8VBSidCKKl}@i`h2ANa z@lvJw5=nP1KI+j_Hsw!PtT@(9H$jmo^c@GP%Hmkw&z6Za`hKa3<)x(zbEi}ZoXtwj zW|_;DJ=oU$1j&gc-c3&m_#xIUulh>e?oDG>suEf5ha^MHsgGFS_d+d?lVXR5Mb+_& znl1`XmvcJr9tS8&%GdU@>h>sO)Sm)L{m$D%n6^ojH603{pHJPA+S=KLlcKoZN;sb9 z^y*z+ty(TC#ts|K%i@xfk%qjw-@Ay94DcKol0dUY0?yxS zUmG3G`T42cyTVu=hKFgMH!D$ZU)`Q9M*#ca?TjGY=t7wyCpP%aFMiLLgH+CUW_szX z3cYo}AVg-x6Npp)FicjPEWWHZv@oHp`Jre`Z5REBty{w2k!&9Cw)7HN85x$nUMC)* zBY--X3+;4yzfD-Gx#Lsm?*zAW?nY2XIlEr0HV!r4FDS|;6N<*9b?NxL7!%s;M7~aO zUZI~+ft8FKZ({;f1peD};cKx-1B^&IP|2TCsdNJP_%sSp|1c^F3Wfl3e0=^*?hV%I~AZ+m~@GNo`ndwNhz^L};Qv~vM40McKkS@t1( zY1kZ2BZ|(3+#M$+nV^P2W&0PZCw5!th^DZ}f@Zqecn?=B-KLlndcJUO^3tt7H2lR}DYT!Tf2M_yg zA@e490Iom_f^VkRA#@v)tDn{3@q7gYY7;QV^Pux-lQD%YtOYRpaoqhV`^bT7bN}e5 zoojbj%MjJk!6C}_AXV3gJUTi$J4UpDy`Yn}WgBF4YKrBprtOr%+}he%4Q&ICf|fRQ zZcc%5h(8cKeWR?b%;a^IeS74CP4|jk1{6(S0&{+a3=9mc3zptX4p{MRt;w1(7D<+C z7VAf?1qy@&s4PD`?%8u?)3emK?evGY`#@ulBUDfQc49H{KvWK7xIWMMwKKhQ;1wjl zf=EDIRI0Ve#ohuz@DFt0<$3J3`JN_Yo&csUA0e;%ZR2XcY0ZWa;W#Gy6(mJKid1lc zMyqA!ypAeWmiMD!V%bUj5^PB%Nj#Ax{YdZK-x&3y{|OOw0brKYKW|gJ-LmGIUjuDP zf0Z0=L^{SHuFA;Dy4LhPecN?-2f(7@i%!4-L|cahj4VxK61*lC`jkKpqeLE8MchR~ zo$&d19ZjP*oao~FS_iDE2?dUM&y zgKOFL0nDxMD@EF+=rz(iukYL1767wwVq?qBUM1!Rp`%8c9cdixyg9V|pBOeESp;yb z_TSD>ucSJ@8lsn6mg^=6L1C%k`j33!1TwuBw7#(r_tCwO|8{=^dr9y7+?-U=LkhL# z#Ll(2kP>@kRvMzKj~*8pZRdT0yUXVfUU}rFBryO*k%N$H<}cANy;sb^x`AEhfeMtc zz$cZ_v9W~QulFO8HY|TGy+Dv$$s!F0nw0CHE%IA`4qi5tOR0z&z=L888X&6M6VCZa z06Z}16=T1iR@875;{{v?J|OxesAv$nYC-I}Z~Onmf`bs31?x)qE7u2y6u%7bD)s{u zfz@`CYwrsJSM1C`E8Q*naRcg|N8egVXUwv?bqEx6!{e+9B$A4ta|0>}Z{Q;L^PaRm zXdn0U`ln;{@ft-K2`^w9fxYnV1h(q+g4B;olrecd+tmiRZKDFwzt87>ESEP$K}spyXhq1yFS3=uKr=IEPbk9;|eu(djX=b7*zle12bzU|`Aw3ra)GD_bgHbZ5PGpbZC; zwR~vX52ruIOAE7Q*D<@h2KBf{g*^G#7$28xI;qV}Yn9#^79;2L$dcG?9`So@=c-?m zu#@-}j}^3*qWb#zh1gwTSRn7sqz=_!qKF(I-ZKrK{R09ZoiRWGyw`f{KA?Khf;J+c zt1W1181&rdIM|mu)AOEclslPWUYS#1sPgy0KJqhNr2!)@pySUHXMs(0i~rx=?MqpD zwf*xJJDq7B=`7|95$=WOZoIF_J8_&d-uFu3y}pl$*595#eOj8-`e*iuU6E zKJTczTWhlRZ;f3Y%a8o?ACrMs$GL-glF4W1fwB;XgU8Np&DCA%7c<|!ekFO@sY+{F z!WT82waE%hYj<5U`=0)0dyUcD@0C`3PS?G%TXxO+XHq`pje%U{f4|ka~=8g?pQT_4E22 zXKXxSs(^L2JR{rBmVVRfE(fL_rTzomhZG^rLl;}dWtv^TyiW*2O$4>_PbeMG{B&ZM zoD46bX$Vxvb!Nr>78|(Tj6xkcz*1ylsjY<+!lsTYpjco%XC=(ppwcE1*nCocT~%NL zcchBIS5W)-pU@{z=?Fy%n?O^f*SCL7#;!kIwG$(FII%Rx^V@lC-Qar1a)}8IxtOieej=gsp{TlncR8O3_#%N>gTe~ HDWM4f7r`rh literal 85721 zcmb4rWmsHI(l#={;DZKt2^L&}TX1&^4DRm19fBvgli= znAd?tm;0MgP{L5s;v#Au&_^E;G6;Xp`t2Uh62JNFbvoZi3=2=lQg8$QBwvJh7D9zq z9IS+e0zK_@I?4r(V!(5^*ikW=BpbgAG`gIP_3f< zN}K1`wRK@k0JMlO2n6`gB@#GOo1*Xq5hl=|j0_0;_XP1XY_-oGS( zZ~(ywAK=W$DgM%83y_18N}xgc%~kM48A3J@8Ce@Gi$|b5*k&sNLhlR;Ou(&zFm#Ps z33)!!Kg9Ehkb&6URSLFnUZ38H5&(Xbupt`-edYO|l?V6(!=dm&1fKs(J2(`wNV6iT zjQ`$^Kw)8kxIYRon*YCc4l)~ym@q(!U5!fNzjsuGj101T_+SYVajbx+hns2kaelFM zF5AyE3k10#Tx}Oa3@%#(@dR`RNPj7OJ&xZJkck?-I$@py17Yq*?R~{gf86LN&XD@v zk}o?AGu8P%eZt93PnV4qxW<#u;!hoWzf06|+Wug%*%z&TF*8SM{i`CM(5@+9XDm}! zx74CppWSRE$KdHev(B&we%O;L_wRbn!#l6`r}s16S0e5T`oC`oKMMDCR)s*_WxqUz z4Gj(LwOx*>a%Ktn31<2|-_5l9c-=p&z9`(?-EnxFf$z7I4T=mpd}k^?@_pLN4cnWP zB+XA`&{Qc@$TZ5ySNZUFgGVr+ULKZKp9?&QRj6oaRF)cS_oLXyax}_yQq4cFYn?rL zo&HFch$T7Re6T>nMo7t9aqK4+Y!|d&;s12A>^_U6FkK+8o)yX5u4SmUMDB6B9yaSY z1NTNxX{nT;&UX*%t%&daJ}m(YSa_n&bvxIB%(#ly{dn<%dA1K%et!NWiNqtiye?$sp$aS`hk7Sw&G%QQ8h0d^)2#gf|0tB-bW##jXm4o+7e5HV~;91)i>^ zT{fe+Rr+IyEq6vz>)|s`J6^KJ1a9>DcX)Ih&qlddZx;)25GEEyl*B#Gf4;H2JzEFx zV`5_NwVt+rA7<{*E7!SW8;T}Vf(3@d*T4&x4^ohWj0)V=I-xm{kEik@DG&%ngWG)` zN*LPN*w|)#JUyG4(W0)OZdMBgysnjQPL^jeJtA?LyvP5bCJlF$k;R#rnilVcAitSP zw{I`T!{W#W79rHZfGk*5uRZu>Jm9dFo1JN0j~CTv8{JP==%139bZ6N3@LmopJ1Wew zetmQ&-rm|O+Pz2Ke!S^;QJ1?7Kp;_a73LErH6<1JlmL%LB=t+*tGv>8T=1dHC`aJa zl@h_y(UHxki$Pkt_wTjelveOA7Z+y9j0?T+8{QGIOQgVBjKs01>AK{mJi#)9Uk5VC zSNj%JvQYbf+$vEoEs{^?LaM}|l-TQcdgby+pq|g4*@GVv7u+izLGONCsk9t7EbZ-P z`!#5Zj?x6}Bhj4Q{C1AjA^(ic$^H|12>wN0US9pNK_m!XO-H9hs-fwqx z@cc?6ujb?Uv`PB1H+jxzQtaY)+e50xn94&FMP`^o->}*2~T%A!s39{W zlF_->9Qn1??wH%oMA2^(#=>^T1#U8Sucj3>PlYUMiCe-r!#(m~kdsNW61?JWPFhc| z&rGz0O58Xb8mp=%dUPaa$0|FXTV!;yu0DPGbD&O*#!uoMfrCc>yw(+z<@dNrnicu3 zWuS-af~0Pe@rBbFP=!Xj=Y;=z5^|?fAxE>&Bnk zZ1B&3!ltHqSl{0@rm_YLrJ9x3zdd&|NgfNyw2l=Y5jHvi{7ITy-rM_x#vL7h=5&$5 zbnSo4vYU?)Wr}|+uY*JE`lYNGMXDk0QJ|2i6LLx^&+`<0RnH38d_Pg6hTO%bCd-Jy z8RKt81yUhP(er!yQ^0Y4QCL{W&<7omZ`c!>wNPvRFm*BV5m7y@*q^Q%e)8tGM~}|? z56GenF#07Bl8c+-DJAc}Y-|T~_7Qp{#D(7nI9@Vp<#)-V!uNB@eAc!Q!4So@=20h@ zk?a>MG8+B7<HXI9&RZ)2k&dT*!40IZ&l&B4)70+39&0_aP^YJVa{pK_9 z#W2@adySZU967e(xA2>6O@ah4x9uWFBB@JHsuaNzp_HS4U}f8d%m?&ttXq6$)6&(o zkH9t7w(f5<6(ADwHPI%3#%~+ulUY%n_zx-go zC6^Adeg9{Xj!i$H*4aUt44RziA6Cr1uN!1|;~3CWehIVPt7-AzBzOq~Gl!%3YAa6D zr8m?m7JXq1_Ic;5NaeGwFV7E&Ak}iH4j@p{BlTS6e5&-*KFg9MF$-*n1H!tJ^+_lH zxsesQ+?z0Mk`3~NgJir~L*t2a(rk<7_eI<#&>x1eEl2-)$H@&=8Aq?Ucp__ zc2uyDOP8dC697gjwHms8z!{&n5F99Au%bXjCAq~4=5K)03=&a%41C>w!&?0DseD;= zK?}OB?=1Mw7sJfzM8R)+1MDgGYJ%kH<4;1~=quf^q|QL|bNr6Tv$KEuvunL4OklG= zR+Hn;7S5xDVosO+M2z3_Wp)eitVf-%lImyJ1oZaEPq&I^^-#_3r~2sWCUon{#)Yhn zQ`yflh|4rSvrl6M@>w4uaf>Z1!jx$rCCM#5b=~ux>DsQzLxJ~8rc(AQH{4jZS=6$eLtCzBkD?5%cmSW&tqe*Xb1vsKgd?t&j!&6>KIaOfG4sF##9 zq{M_7Uz?qk(bZDYu;g<;DXX|gHa&z&R|L$7-X27^^gLq)ggCe+GDF;ys?g3F(_w7V zSA$r7i)E8WE0>bPX6%dzbChlv8IEq9rbcvIz{-CyKq;8+m`TciUN^0vI;aHS-C(;k z^JiL7NL>^6txs#Z;U;RjT-IAm>+u=qTITtn+A10IEYE@q^vF+LzTPuM%76z~espXC zZo4v@R_#4a|7PFtw=PH#Y?A9EK(X?(IJ!AYtdLDs_Ril8|;N=3ewq6DEOxL7tf)^&SP!#3Z z?tO@nz8mLo*;7g!9|+<^^$9V@oFAuL69S|wb7nV8;XcyBylJwUez7fLM&3&cK2U6Z zI%c4Pw-fh|3Q%CvIEU=W56p_SIRraGm(I12PPoluh=l4lpReO{R2Rq}>xlE}PieH` zc+wQ;8Fc!b*Wy$;I$@}zB#x%xau_jAnLJcQcCoY@zl8%sC z#_WsLP32q;Iob&N;`Wp^Z@yO|_drxqPx~?Axaq#EGpdJwysmcO{TSJw; zV#zan9TH}8-kjwZiOF9V78tha>>CRVf_?@7(maXJ$qm`jL}1A?fH-eM+=PUC4CPEo7V`yRoqN=; z0jv*z49`#-yPcfXvve?`AW@oH=bOBJoi%6g`%Ec#6(aEdn=U^~U1n3lLwWnLq&G2aPjXaHM*Ho1ZLIJ z8gNE5u`h5QuRHKt36`5SAuLw|STe7mi(LwRiT;kO47|&kRSjh`Qs8Ft&~MyNwsE@! zmx%k0xr$FEIhuhByXzPh24%4Nl2wgGwqH&*vD7{Edz6x`2!RbvAO_Dp0%?Qg#hJ<% zdSpUhkO!hcvzM^nUW;*UEZ3N3#MW?_{~0MM_N?6oKH-nz-X>&1sA~L}PnA{dNy(pa z(0gg#H)#Y!;_5@6pY<;8I!V|Uu(V8e_X)M7J5(E^tU1q5gmn%Ve?C3WQ);#eU?8#~ z6Bpbp5I#fg4e02W2l-O&eG066bt{K{pzD3>;tSPgv94U14?=yvb~qn0#=v6b&b=j`X2|_|F&dRBZC=LTLerq0|g|dxr+{3qQ z8o%*2tI5NOdl)jhB9E^Ng-{>44&8f=o#_w!!Szgxd-UE_3-ETCb#KtY-dzSP#=E9;>p_fS^}U!FIDo3dH1ot+i>`5Ux7+>BS_kU2>gdekNW8o-A?Btp)da$X zd==5q-BjbBqLtN8lm!pKxQ~Zr(Ne;)Tgv!b=pZ4p5B(a%>l&r0 z2K6dk8$4em)2|s%^~?6O^8kaoXa=OhZ!#dO1+X;ri2&UxEI&BI?toec8I|IE>E+9Y-i$Gc5O7j}@x?1k%OE{LE(#>tyW?N@D9U^<@_l z1|K5D&p}{*TIihf&Js)yT!~w$zkmkWA`tk380FDs9F(tfR25Pj#Y#p(^RACtH{}$J zkKfR@2(P@mj!05XmhZ-W$ddxom9?nFCFfq{ZNvCx-?O_&E(|DLFwMdt;{M_Kk9D^jBR*oP9bh>+qfMO<|)ej5&=d$X9w9d3kT zsE04c^JF`sse2N1o*^SdSD)XYg8pxurxO7EBcSUgUYkEy!mmqtH)uJ}@9br>|57** z^CGEZn7B0&Joj#ky;SITGMuyF4)Z|hH+u;}(N9$%lsA6R^2x@y_7b$e zpJ%oSE6tklL)45H!M2n8S2UzgOExGW)2l5RTFn}neLrQ&^RxaJN2?$wgUPd=KsNk0 zO|NK=5f%hpGp=3DoBQv;D_(`u`&~Bjgw| z?K}!Jx@1xk1`f_Tn)xIqH8qV=;61g$|Iw;M2m$_TxUK?c0*18p8R@Slo+(Z1tYqn! zR`tFq?JvKJ_|za@K=TKSjx(f4KQR0Yo8Dh=l7&J^UqMYvO~Et^AhYHAvn~NpLVFk~ z5x&(9|2iYQa3V!HB~({+TzzyadgA1U>xZkmZ^m_ja8kXLZJc36?&(y#)>80)4pT%& z329Uatf@c5U2RaVLP!I3028X$Jg!p0+>V&@7Z^TU>;^bl%~HinT*(z|rqd{Ed=j8m z>SGq2x=4H7sWfrTA+&I)t)B02+atGH4tfUS?6_~HKimG?I#-j5!Fhk~e3yjzOq82t ztFnIuZOM^?#V%>~1swA&4h2~K3K|CReipV&4MW>ao}Lphy_($+y?0WECT1$JIU=mZ z+Pezacd>fmuv%h_I54MqtC}-}?L-UYk%XXvyLd8)h7?eJjh^mwOv_rL?7qAb)^4AY zOT}<5FXt%kJ*`gb4(?z z{s_T;#TyLrP>$2)o4&6!f z-6F9p)$H{b&7w_qHKb?CM7|v@qLC^Ml0%kWj{@zHH}9E~;Jct9da3bd`jIoFZai>p zZxv#21bR5XZbo+akqF*26evx!m#D+ z9A<+fV}YmjXA8n5zWXH}czQ0*_W{$GILV=y90GNzr~{2-8`{@0W-%YXSb~$)4kl?* zbvTSfR5Yw%L>SK@Jf|d!@pd!+;P_$4k~;l}(WL7<%=H=|`Lc6t$oz)%NlDmQ^UYLT zg{6y8Blb=r-OPQ{r#5Tdlzbum3qGD#K)GKsD>MS?xAYOelEg3<4nx;@fBlELU5EFH z2ez}gLqYJ4F7_){qw9RQNH=Fw@i)=(4s3e;_f6JF ze=M^_kJD(Y!y=WMx0}hV&G{a*9Lm99;ZqAGdN17{K;>B8$6EjwmhH ztT+88NgI=lGummVb4km8*|EsqcdO;fGQFE%5PPLLbLfO=K0gF6&bnxe{`J%V&}ZY( zHdyT@u*fkT*po)>BxcMw>%q`RJ2pgK#VO5o;kc})$i(xfc3ENVI!F@}MXtze0JE_FaESWE5IrO{ZRV7SPCM)932b-ma zD3G2zk;(d{138nSt%W-mKWQ(DllVA?6?7}*Fg-{FV~RouAMxNgWvdq0Yn@ z-x_pm^Nxy|U!R3dRlcqI0xRZD;iTFrZIF=A@3)fp(^9^&pIahViY+x?os`jykTU#- zfuAUlGwhSooNfOs>Y+E>3bUG`E-Z9b=4qgxIu70Rb#VtbNtJ}1gQfGkcT3<`C=s`t zb+(m(AS^o>i_r#^maROwm53A*T^?5z(m{q-1rJ5jM5wjN6DIHCt79Nlni9K%>yfbB z_|c^f)tD#nyHGjh9m&1jEUQjSakwv7HRn0gV``Zp8ctfS#ng6*w9?~+3C5%?77F25 zsP`R(Sv6@*>QU?w9;p~!v67ygUX~`Tw$bPZ6RD{xrp2$i66{SCOayb^3;wV#(54lU zi^0$$Li9A*H=w`jJ0te&M)TcE71#J0?Ov1Lmh)W&d_bPrVQJxyRo;TJi7-N!>u9B( zQ$FiOD5k3K*z&MU4)yi#5X!xL21ZxiX}un055<|`t4ND?-`$FqGB0sCI=3w zh#cd=RZsoUC-tN%_|W z55831b2@h7yWZf2eos{U6MpV=niIJ~S8p9u8^&KY%=sIb4bd)DX*Ir@h{T3w$cqX? ztQ=x?e~oojaOaLdew~{n9ZragGHwgc84K`}7H0oDE5Mn`ZESF6V-2-?CxbG{K?GK3 z!>R1|9scTMGN1*-w$Dfna54hcvM~gIf^RHvo!AcO$Q>wK^9Gm!k) zN(A+0nta8KQUzz>avPabpNe}KCL}nBk7j+EUM8I_fflvnSIVdKYkgZitpkGu*XjXMw$Icx`%Cl{U&x|Xp~wV&sf%t#CP?>pW?&w!7Dnx5ueBJ zZS>>Hnmp{Qy@AKd*U2<6d48vZ_K+17(E(y`&I{Uu@)HQbD$Bue9d7)0KdmAWt<~Gg zkS`l*7e*IA*UR%{r6l>RFLGwjMFO%jyNFj2%PI?pfXP(aJcdfV%X#FV{ru-Ey^D&| zVx1}DXr^xj)2|cGR9ye4=kr%E0}N(_f@q&18B|DuFE0vK7r0fEiE7pqAW9;nC{IH$ zN16ESAnnugvfVSp74}18Vz$t1DjKUMQK`uMXO+BO`@$iAqw_Eoud8rNT8Q8IG%K!} zY$|@i1qxrPN{Y5w9u0^nSm+_0=IS=A`D)Sq4sa7ApL)0AW#}VVz>o+=cS&)_hDRcF zOQwUaaa72`#$a(p<_J;cC|ONpq(3|`?W&#L54mzjFF6bznPVz{{D z_({3J{hRb-HFJ;C9Z6b010FJ6^k<8+wPQ6s9DZBV|G4yl_Ici9T{-_qM`iToxp0_Z z0#6VPS9X^Bc^6!dC_uBkbQ>4iGxCdl$^?Ij^wi_&RefBy^|*=o>vatO)@Djsykw7= zauYNYnEMqqZDK4Uvn zM0%?V3CP%{Q%@z*nop(%O(*VvU=B{-4Jb?E8kzZY4WQ&_21ifMj9=`fn}*ER#ipGt z5`R!rO6d{`!MBq8YdAO~JE8R>7SyYC7qc<1K0VyMf1J(g;;)Fa{Xu$1rpZJo#^AY$ zug%e*_z9;YisfgQS;nll#
XDBWv1B0s2_@;Ua)tq<%MzDNYUEQ|n$fy>Y7IKu$q#^9&YzSjV#_aGnVz+-lu0sT4*EeOUKCt>JW|fKSW(e&o|^(=+(z^!Lzr zn|GW7&42UWN~%DAdnf=1`U&-|SXtPVd+?&q=1a(cw@$2O&lef|RP7?WJM0FS2aQH#lS^`_hK)5V;` zOvd=Agm5aKcBgkjavduyIt_mbiVd*NP?8n(C_`=mU$5vNC1wSJ2D&+{*N&SQXVav2 zMjigFyxiw=V?mqF{`!z#9P1kci@TDpDr{es(-`{$?C(rnJ;%BPP6nNLtbj;4SjW-BvkBCKi8;jD%eM3sUJyaM>`!WchRfZH_*(6TZ zITzB@D@tIC0S&YuG>o#fivIW`&ZR-SH^#iY67aR#EcsAjSfv$#oZ}#Fq=8QYnhmFK zoyDOHI4>8JpK{n|UOj3|{YGp7Y$I`;KZdo};--neEja=GiH!FjdG3t=uJwVAwcd~8 z8>}6IJr;ULvg`-==V0{|^j*^Ln(c#{zBUZa6xB*vcbYLCzzAOd)o%0CT7&J$qSn2M`7qqm$7?!1}ZdK4ToI6~Bsu zk;zyCMZ|&s6!f^Oj+zijg7=A%s#<}F(A34BrFh)vLt6X~mHpgO!iz6WzswL!bLALK z8;wwRJ$u+iTRJC9D@|9w^urv5&RG5x#6V#xP$ztXEkao$z!0sJImP1;N}ngRK2+9^4B58g08s(Ckd5 z0>VVS3K&YaC={A?b&n@Qt4kH;TG9r#e(0neGNBQe5Rn{PlvGcp^LT9ATaeSn1$;Rj ze(dRDF%ngS&#bz+P&q$$?yImAaN0$s+?U)YOX$X@)!lb;#OjmM%vM{6*-*>M7d1Cr z#`#kw{)@!lFj*CVR{cbF1S|(wU^5dX4(@RNnWt-#Ox*?}wz*DIwM27w>v?_Ra@`So zb9I0UkYcj>1SeG)2h6RNEj4LL{h|NcMWP{XAh}8jX$7%8IWw#CIzF{s`cqMh?c%7p z8^XCA27L#Ar7kcW)nxf#oWLHH!&i46PJvaUN(=yWrLB?83}pla7O%f8`(<7o&$UWA zI9`BATUFIRJORRE-p*WjnpeQ=wp3gxE*E2V`{jJTC#Rqp+j5SG{K=D05~Dl!R<&&j zG~!0_@WHxkc;hX4-wr7g|4w@RVa;RZ_BLW&fV*c826NKFUx<`U2@6;h9mcP{Yyv;@x-~B1TMamoWxrY8QnN&8CAp{7Q*p zG4xBQvEx>1Cxh@>D(!h*D-P)v)G1DGcNXQm|G-x}4N)2m9Z<*+&G_M4h#x#R8B<+H=+q~Q=^lWEq zqgH=;w@v+)(U|mbh_5Y`TQ=MtU;^lMe+gT@hcOH8s7gm_0H-jQ9&DvL$UYLq(>p;&Zacp3n0fW z$-k#-QyLL;&~Q|1#u1)xnc*Id&uK&Z>%0Kx#|X?f9$ahqY)e!=31Tvq zcS~xb%%dZ_atjj+m;+26K(m zBBq~hGHzG|6rkDmVg8Ri+%#e$@$h(6zlcBbXFa!<@33wfjTR|+c$&IgD8Ha-8N5em zr@`M*lLptDuAAT&tcu|+b0&#K_z)dMQHd_PJBgrO1HE!XwddfOU) z(!JiguL&6-48{kjue(8>rghQs_M&hOwL7Rkc6B!ev*knG&K4H>pjwaJcX7|+!v<%* zM<-i~SOnV-JlSN=2ilU3lg95mZwC$jksMKdvL$l7(DXHYkDL&3fStCvfQG3sA{KHS zCIh5B0O$8NVezX8dg|YRiXL|>yllVXe!zpiMbRCWZPz#^jUIt>BC&Dit$_+(utR8X zFbkb+vHZ5ET~vxB;St9@Wzls8HC`0U`gK|oEo+394ZM5JbuHPD8KTXITy7rvd6b(+ z9vWIlim9n29BjatSFxfo)Y|x?A|#MH(flva7aR#iGY*=ovLRw~z_j5N_wU0f<+$C0 zLRfduoD1WAHa$nPBCfNgoZ3)J+a#o&q&qr6fIb5jV*tS>a`b8T{yWE5@9^8-2 z09_yk@w%1A-AER^E#RtnGb8{5yuX{{?FeF!^nTz7cGBbPun>S#NE~RTiJC8hhmR{C+;aTc21XR^YGT~dR_^P2kqr1VJY^So+B_U|3BJO;K zy1@o7&IP(h02K!Q(SaaKKoxIIfad!$_?JOuxqzxo0=Jms7+H<4b{WyA50b=dKs`QU zX0sK9=VDln5Ql&UQ$>1fk>LayOdYw~E_G+SDw&;nt>$X%l)}pGdN)>@aI^99$r@U3SD=a~tgPzFo%?+!$Iv8Ncj~V$TX8bneDf|TKYBjI z(-9pBVBB%a-98&Vc2s+2paUf|H})+atl8A&?UC&f_;)`H4M3Zb5)R3_S)S)(E;PH< zM8e-kBFPRF3o`r3 zh8w)%(yQ(0rP~wNwyU~*Zc#f6Yhfs8J$#pP_`dk-3WcakTxOaUaPi0}7~L6W`h2Mo z#~bX`hPSB6SZ}H~^_m_7mLh20C!&BnbCtd0x#w(ls1N(vMBpXKMIHFF6q^E=sEIbL z_OWHTzAB951RUW4YyB7xI~x!P-5!tqmD~&wmqcnZl^E=TW~F&9r2k1|;K8JLkeb$J z$lKUqy#-&OIFmN*ypO5>yo)xhBuzfgxt*Bi$e+uF{AnuM{8*dv?y%PBHZNVplwhVk zRkI4#Cll@QjZ0N;v?BU7gC)u?%lOEqJRc8MtAEJ+6xqdAfxu6f;L*^kZ^2H~y|k~0 zj(JDevK3?GWA`ww+3+v0%9(ViF`!GSYQb!IOy%D3BP)A@IA>&E0lrOm^KojB+ED5H z{w99Y)t*{?U|3je!4%c?#{wUTdrgq+h=Vz_CN2*t;r`kq;i3YtO!b|0CroKFS8x~V zV?f+OrO#(xOq3Xx8zM7OGqW+L)SikJ9hn}l>i5lV1v>`NcYkqz;S^wJk{4mN;AV%h z&YS5>bV(jtaLa}|h>Z2T?;w)3lM3O)n`J$8&Vd#=q6y)pElTn1U}(R~fbUX5*xN<8 zJyG}bf`MJYM!;IwEqDqwnkHDvM~?9#%Jji0!^Js)vtZE<%iO%uNGRbsH;$Xs&X8{a zjj65fDSPAM?iJLw=}rh^$%T;8)TbAD%ZgO|=1HzYTdU zAAlH15||Gog=@V1jNlDa=gbJPX}T~?E3k2ls*zcBwxpZ~`JUlMoBtDMw;$y#-R~1H z4njAjLSq*>GSAe+@KcFOzz#;Kz$)XWYO_{mG0id#mi>I5L4Q9v+F{l=n@RU7rTgi7 zOhKF|bR%%#Ruyf(8Q}y67Fq6Guxu{I50&yI1o#}ZiJz^WoLvA6Gt( z6Z8{5#Fmu!cip)u*FJpSW@L#uN-Z#JZB!g8uqHKT%Hy)wB8v80fKNBAvmHlLc=>(x z-RkSepUqlt7&5Z~9!Hvv@MfzIohK*hcTt))6#;9AW&+vx6>h?4@SnAL<{FWM=5MJ8 z3pZLE{s|M;paLk8h#QZ7>ag_wEP=*44e^G88L_XzcUVs|GOa}w!sb$>S$oFxO#o{O(o@x(m$2AunwMYK6MkI==EfTcxW3tV+GF)T=`#Ym>O z;j$0^nRw(J9NI=dB5*WwrOmQE71(gS48p(OHfFbco9%Nvs#_7m!?@Gp|DLil2H}}} z6t79fpE)ZN{W#60h2eLygx%jn6A%k}o^|drjWTUVuO?Tke8t~Sw6th<7FjDL*o)00 zz4PSIv5nkuQB%?<9lC2W^pBJ(p|LRRx@VS)A4{b_%>^PyM^;L?hNnZ{AMlD=(8piA z#8X+EJV8%9HBS_~%Y(xkJQ*To)ph$ak+odQ^&% z#xM1;6KtYE;iSO-(A;B2XjD+ZWQ0WrR6#zwyD*NEGf)Gh;)bzndGq2f@`EZ^F zMP5|%0Oc^7h6j@FK=NB!7&H%$^y!|lM`yuuWEe`Ax~Ql5V9AFhaUzZc+8fzFwhp}j zgKVjw-690JU?qf2IG$9ej4#?F3ApjVVChDp3Ln3!Os-9|OS zUktATFa4*ZKDXsCcXH8plSB&T{Hlwewj1i%tUjuAA>14?5YxD2!0!7Xc$5?rU%#`x z!#6fqVD_g6i=w*pG^rTDg84L9qI2Z2A>uv9pB;&Wuj{jKpWEuiGtaF|q?`KhesvtZ z)nGSf%oiH;e0Fg3ktv=p19A&@_?*OD*cTu*-p&T2_MQG)B7mWlzrLU&(_i%sb4kOF(eK(5uTw-D=Z{rCU%h>5$_M#{&CuZ6*W}#o z$xD?kde4!*O}|Iat=!6cysVk}*!plyp$3CYBPg1%1@^i$;QVi*B!4?WAdvD| ziJk42y--B$8LFig5Mucnz1#fL*+cWu&dBgXmDv3`Awl(UtxNusSeoVZB}0r?dD%+t zcT*cLUo~5^UWrua`Jane++1qyj`1b_$s;d!*BIMrqfIXQ+JSc;VH=EJP?2Ma(;{Ca zor5mMpl)t;e0_dG0ZLG=ZrbxNPV%!oK zy9CKD^CE|MH*hldu-L1$4^>5i1c$GjP^XL|%%2a8?jLl+5-FW}wNWkGj+_RIPzWYz z)yJIbk<#+8AQkaTK;iHnvkuw*glT8?3vWUVQ5+y)??Tx}Ir%Y4kGxJxwm$Z%^;2B8 zSbQ5S?Xf8;fQ-Y;C;mghFXQcAjmagZr;NTa{#eauRpwEJg2UfWHL&RgOGvbCyGte^ z$n#|97+w4F5^jz37v5I@#kI-Vy2f&XD26mcq4jnqa9_5^SRCwu-kv@z*gp@-NTsif z2it&X46l~owjR)Nv=BRp#dmtMq^6!Tw^i@7zd;Xi+^KI&z%FpaMDD-}&7;dzOJ>si zn@+I83}DQn+69N0yT=UlRBJO#2ylZbSuIou{ zMyuFXZOtoCpXG$NQX*}HL-?U=eog${(N0!l$y>&Cj4*CU5HhIeS0@%o2KAa@a0C-V z6B&4{grh9Fr(}lN(_h^A)~SH$WBKRVjrKpCe-gxvOr?zavEGRrnCGtjJ|MYRKt`(f zod~02p<@&&ir*o)jv1&E$V>kbF zD;seQlEWptmnnIE_3}-*xfw&Ntz6Mp?W!QRT3Axk@K`_piSV`*mmYy}WcC<($?fO; zz^72=p{|cpdp7!9VRvzm$eB{fr+1$g(*Gbz2DOw$(#CKWsJ!n|loK^qZLH0h8;k^& zf?XgZl5`l|{TQmM&sX+a3Y^-)gq-hS61j%1DXiN|$n z^p0|>7};775+6xG4uRtv`Hdl^|H5fpMe%3+_A6Tw(oCE*_I0AU!9tUg@2v&Q@6=9c z$;J#VAHZ4eyWpJ9YbeL#9(M>FmBwLP!?%0P8R&%c9QG+A=B|ac*KF#eePa2^yMH6d z830U5E7~q4)J^pbuxV*w6w8DG>vU5~skfIfkcuOM{Z0wt+8}qV5?;|ZVN{grauf49 z(CzK2m)*6S{^C1xRI0J1_6W}8Adf%r{nXvK0&1P-VNAE-^OvEfQ(!L6Ko&@eAqxd0 zaf5-{+!!JZf7%zS$if)kCM1-N_6DFK7O0%nJ=W>y%aF1BT$lBf5h8+PnQZe`Wu%cZ z8`4%ZzLotLtXPkzA_eP)#SviZE^%IvI>O=}6Q;~5{hGH9^rr??U3o9&xGeSr{`R^= zew!@s83>nh615gYwASWzSAeP0v#VrmNdUbl`jXn%?6%*TqGl_oRVPrz{TjY)^Y$GQcu-V)#|2 zY9esFq7RXc#}l5``FMRaavfkn^y`>0m+?A>^^3fp=(#Actf#ebGF6P-yKp&JOmV6Y z0fwzI90ID#Ff3I|I7~(CduzDjGwp05j|THuAa!gQqc)x}<>T;Up%uJGQM25-i!(n? zU%1({%8EdshiypW30Nl*tS=~!2=L6gpw|CuwJgXcK4&@^bf@26lblaXjfMo+VtHm| z3}fw*F1+XAh|8@Ddv@(N>&YjS*$doe!qHI z+=onIVd*vqPSf;Rc-&3eWg*37@kJTY78N{>in_t)d@&nyh*~CHhoxadSFl^?1#E3J zv@^l&>{)le`NFC_Q@U|0R_lUE3+euZv`Z3+V+V+5RiPR3Wj-~hj+Dhrk<3Z7V5HS{ zz2}H^SV8V_g5*kG%VQ(}RobQ=_BJJh-};4ysBN&X(9htSKilGE0*;3C+v#p;K4d() zP8P`#tW10T&c*ulrSXK4j4RHyBli1B_tgxbUU?@9%i*`-RTy5377;hu$64|qTi<`g zUnw1Q!=m(5J2J29bUvx@@XJ~0QjTn z^R{@)B$QsUWHW&eybscZb4;0I<_No}cWQ+HP}~axquo}#Q}dN=e{023Z`nf88_NRQ zzM?sN-+Wk_y_!YO>I3mMX@iD~*m4;_fvM^Kit%6$DW=uBJ(|a|fPv6YktA7~=Un6; zSFAc%7)wxmy^sC2sas>Gzj;ngm$y+WS9ffvVCU#YIgkvD1C7t55&y-d0c0`GS9{7k z?&TyWAUMFAtFIF6y*A+usT^v#%(y?0>J{dzwdE9L`=@!78nDQzXkz&8YueV@Y4eWx zO0-A*PK7gjF)S%Hg9r$S0FBSOopZJwdD zs~G56P6vIGL>uCj&zUNe`fb=+H;{t7nv0qX1R#Lrc&Vw#fNgg8^VHSd)LzJ z#-W1fQPZHu$17&_x6X+mzy$XIJiHvGm|GkX(J0qq?RwKMz74@=BJ94%{HrUrmlB5U zJf>eiHk#{~zu^ZP4m~TnziR6*N(tdhFgk>XkJo9Mt?&YV>3fD~FdFFhsO5S5weSaM zFbL=*c~etUEz@L{(&evypw6}5xp;Z zpsFy4_i^p;RgW_qsxB6Y{Du+4WP-ZE_yICncv%GeYb^6>{o!<)f%%8Hsi~=Jq2bgQ zok++%^$pe=jYboK2V^?0*~Pzw7Qm=ZSw^0unzbg^Lydd8xw1~g?FcduIYa?Of#Ou; zOh6Nhk{{D7$T>0pwjGLe5(O~nHcaehdvAE%A~Bo(3O*zyg>J?G;Jr#L-V6bNjGv%B zw#DdM2&582{a;7XcJ|v@&5kF}aQXfZhu`z#0V1^oDEzgpR{|tQS7HW&EMatw{Yo-G)R4g-)PrZIqYyy*82 z{#_fih<{OVX6UNt&GL}#co?a-ur8OqMpaZcOF$Z@eZ_{evojqnt>hXefFcGm7e<&G z6867)xUEP6e4p+y1c6mJzhJgf%`-pvFl<=2gFko1QPfOnv&xjgV?ee}6{9UjYhH)ijVMZewDa+5fasKVrP)UKAd} zY!KqVX#G#6=)Y@f11u<%tUzRkgP3j{xv{!BMwWz)9}QXwV!m3`y+}5FpXl;{8SRM` zEcw3uk5wlF3+L38joiq(89wC1r4ziCgAxEVKR3icDSY#^I+(G-uVX1zEG|wGrucg} z;i`bFr_~n=LB*zOOS9dvOhN4D^Ish*5@rQXWWKAXeu@-I_c`(DKngP1c?^K+=bBh3 zh1{;{kbrJeO+AcNU?}Im{|jI*{$KD_GBApSJ#?-@TdY*G{M)y06r}L7$?x(#op)81 zxNOBeu5u~3<6mV`ijsbNK?15DHw|u5FfEtD@zozZ1-k4nCWfMu+98Pr!K3cAAv1IM z(8RyyX(0u}m~Un9F+|AXa8>GJF#-$0 z|1cluD2;%(*5n@^@K`PK$zH2(f`C^i%jxiF1Zw%F@@X8o5$4$+sTF)7HKhNh>Ah&D z0W#g9q@;t48RU*|SU|XDp6^4>cjQ2b$B0OR_6(<($`*1KAu+J5P-mT+JQdI6EnlU` z*(IX?YmXPSZd~&N?S8<`i+I9?;~mjeIc1AoJ@?!mZ*gT%d%ZwR7Xk5%_MXn8z2j6P zu5=2GvoQBbUkGg3Zx8g037eUSB4vbW46MWf@C8^!%?ji{fOh@nhjIJ5A)Ip^YJ=_w zXCFK}s4=>F$Y!sW#r|XNp@|;P-cpnCfr5iu+%Lp2lUl!z`2FYCE4;RqqwR3AwE{%M z6LpFl5_iq8Wkx4YwE{WeXm(e=1g<6`H3Aam$A}e(aeP{bO<&=prUTZXY^E>D)`%5@ z@I9IWs>NDj4s06zj6t+Zr~W<9j*%4~$(1;N*}W`|hG~wA=u4goGfve%tiYJNR4s#( zD`3B|zJGVL(ffq?_1JZy!wn&?Zy$vG1z0Z~?jr9We1->9LQN56_|2RSyNDr=5JbPS z2Y=wqu$%#|wO3!TyNV~|n4HJUJNyjV!_{D&7mB$}2)dbrR@*X>Yra5xZ&7Cbw3#zj z0X{m*bk84yk3zSlkg*@ghPMcR=)!?^+C?WfBUQkQfj+8QuTT9oIc)uv22$ntQIa`6 zsNGfk7xb9he#@+o-K6V9*s(_Da?T;VeE(y2m)GIetTS7|QF~)dwbKN6$+$=Qg{R1# z(TFJ0mCJ2%eUwr7y63H{P!oml&icR@8SKinEPy{+DlDSXw#9D3WnM#)2X4PLF0P+U zqoF?}NYE*$;D8Uo=TIYaGos>q1MmL-qv;$N;|jMf9NV^?v}w@TMq}G{GO^XzR%6>X zn>4l?+t%cp-h014FlWv_`{iDHJ?rtzZt+kk$2_|#C>}9306XIYOI@zM-(Nav9^x>o zg1RWkNxAa~8*E|WbU zViM1~nYz3s&lsV*KaG4{!+PtxSD24NP(4_dt6MNlCVCPe=iaWa2l3$#xL)U#{l-Jw zm~4w1_q#R4zJxhK+NT%i*>5@OgiC?ulD>XL@sctrW9*hpvT^DsPpzpMX~ zk8)%qQ97)t*RDcsJd&(oANxl1}>i5 z00UMi3Jq@ruP&ldhq;zgxZhkSr{~$;2-^ja1BY*f^kOYdJcImuv;w^{I=meyyhv|m+lFvMo@g`PX`4X+y4{y>ABU+6`CJu*GIBIes?!2b}=Qu(j zU)B)J)48Od^>J2IE)PYx?09Q)jmp?l*e+W#Ka}*fG`6}E)(k9mBy znLpVTyJnqKQqchl`{Jr_%3hQp5BNAJVtWIhz7^EHdY~8~gxk9&&NK@!*#XhHy&{VI znV#a*vi)_xXPGm3#QnS{kflWxSl8*vci4VC^>1=|v*tP4uPoQ;6j(g&egAFJWb&!r z@e(Ac_)+zf-51!|WPaCReS$XIISk2p(|LM!*0)4{pRDuy>`B#8L?b0Di$!D(R(xUljW;=)muVp)i23P&aX-s zUTH1e$M@*Cs`)N-?t#g=>km~ zn3aa1-%BCwaWFpfj6;n_zz7Qegr=I!lhNOEgS^F?<6MQ07TINc0h&`8U*Tmeu&4wS zR?ydhb!|aTh0Kg~Y*>jg|GiOQqmFBm4H|=GvF=c*I>D4MCu<*+17OaDaT|Fj>N>>p z-{Au37!_A~+$p_o5UbajkC&_i{9?u|P47WW~>&-18}Q0p&{(sHS- zfE(8v=-luJdd#y*$!E7&P#wp(jW=}teP)wcMMArTQ$0A=CcLNdjpUEkZHo1_Gfu(i zFT5TwtF#*HJo{X5$ca{z+qIfT%*<3m^TZi=Jy=iC58AAS1za;ilVr3g*T-hQE>P|x z)MgqLyNL%N!50M!V>g@|UJsFND*AH>XPxDB%j^4azK$Vh_HChWq6LY~^dLXZT-%C$ z&M(xeRVDCdx8@Ro3z4KsZ?)}U*0%_IY^dr=eg)u+L>QV|~7R`D0z@GtwbCE#8DiOs5jd^4aOi6?NWfaJrBsm^P%uXzZx7Sz6=3J)V<_ zqz55$W2MN3Evpp*l(4hvs%xP2=_4*33A<9MrQX>_SJN&%1^}Aa)M4cQxF!boqaUM= z$@s60z=!gdx%`=Rt*izQL6r5ip;pRc$2lQcZi8l?d@TH)l{)u+U@#w&fcr8sJdm>e zDzn{VfoW$nX}pe;qMGh&f-Ti6RH1GMPz5{_oR7E%IBLZjgyk7E(p`Qo3`*!4!Ah99|kX@OgJ72 z*D0I5Z;Bm`@2(+_*lF1F706MGjc*RXI0q}QIeHB=0dsHw}DbUcC)9 zFs2MIf2>V`MwTGgQPaF=?yGjDH+}|J3ASlYy@sxrrP(e#kANdT_v{2mE3P$-NG9rw zg()r>`X-Enc#u^LpOso~FEn>JTJ=?ZFMDB?0l5*tBDws#t!}jz4|Rkb*Vmae3+s_8}?QAaC81u+=mEb!ndDWh*w!ik{s-qiGKT?`D+W}8hk6u&Enn{3Wp?B*HF;b<7rLjOOY;}&__X&if zR!pRUe3Ku9znzRQ8^SFh8DsqFuAT7%QJ=OR|6aeD+CY{UCL#wa9G7|s&%v+vM}9#QE+bI$`-beh|a*2___nX&QOO2}4G>Lb{$y>pCa(c29?IW*Nareg+?(DjO zyvoGJt7l53%ikgGU`D@)0`yJKmjjgv0n(l_TlhHnov`wl?8ks#`(ddtQuPw|d9 z<=8!oZ=`*VdT*`saw;^lsl;bix9zR--*GqO!n#qIewC=Oh z%Yj4KknTUlKF+B2Qb!6GGSiNTX>J;H%b%j_u#gg$=0&<>8ftk+8Yn)>3ZJnKJu9>-em&$k8g(?~Lf zOObMi6!`9k&)t1o+07B3ww9+H*_^%f+EStg}i~N{ot0A&THzV@B>< zLRl`~z!vMVu0m?4Av0-X}FlZUiRogz{H7>rM>L^o;(QQ?p&6i6UvDNoBodbmiF zbk1ny{hBs7)axN}9SEriGJ@u`nyG_#2(sFFW4B*uI(<`0_{uxj8SJ^;uh;Zz6FOrD z>22)521oJikhsji9Y+lR2%JAmNp>sH_j-)vF_){*di7m5u2r=CE%_SOdF8lpFGhoM z5@%9-{_XQ4!M^9-Z+vPj->#E$?vvjO`Q!9geR7t6TZ13=1LxuQ?jyim>Yx4h(ittz z$Ks^g^D(zn*%cggLQ9}pu>f6zOgDoi-k#$XBKDr$bPq8@h11}k&%@bhOAcJSWZd(v zs@SlGxVpiD-tv3QCL;3F_nl;;t<78S$E)k%7kj|rw;G@w+>txeoNM7!&s38Wro8`i zscT_%ndruB^K9++9Ozxmdr>=V2v5b=UZS1%7T&zU{GHsTuX6i$%#7LF@*ym=S3Q^= zHAZHw{qN>K=V?cpc6N(62EKK-cQN80Flin(`}5UrOP@ZC1#WGwxp?BQzrEWm@zKn| zEeWaT>-5Y0>H@v@Q$%RbG#jdqcFvB=+H4o)bEI@D{p8`rXInb-FHyB|(be2*bIcIo zZV84!6cJ*MZluF)I8xuqi52i~_T#+m^`0K0mZ6{5hC#+`%VsO>KV>J`n^Qw7*53+L>5-b^`(-l0LNyr#h4jDYLGmM_U%}`}vJ?LxB?820m|#Op z1jG@exrL+U$s32TqWi z%(s{74MS|0pKhCg76U8Q=1K-f2;WNAwx>1!Sp~-4QnfSO`759=HUGy^9G3(2Us9ua z*f3P{o+1G?c#O&HPjn+nd72QiUa-!Q)XBBErJOUX$q}=n&@U#ekn|=^w^z^WHlOk< z<-jyrf6?u!&p*pF2CaFSDQeY;2BWzwhZJ7tz~xE-!~{9q6C)$V?JS%=RByMN*Am^{ z7Ym+)@vrAPtXT*vlC(tG+X64si>DUngqvZra3`^3rdy#sqS@29T)crEnDcrq+BEj@LKQjz(ti*LfP>VmEeF5w{WIC-Sv@ z6+J`w%m_XPv`xuZ4nu;RKE+=h2haESNUq-L&1n)u-S+MX-M_hrul<3Wl8aZowLnC> z?d}YPY5F{QyUuxPi%lW9x+*>Niu)9NyGE}4>hRh`16=C|f-+mi7vgNvN--UX$B3mLb$K4PaWiJ{M#<0QXFv3|@q*K?h%aXF;@B_z@u&)A2fGY6f z1Ly6O*&777D0Pu3kFlWYECyMwhgsxlOTMrCEj;S)-@nTX?Ml zyXWf)2B<*O5cMQiR`=Eo^=mHuj=K|HqjM3%(h>X3ZSH~PCuZg;fx56G=-AgZ5JD7q zu=LlF!W8PHC_av8rg;w6{C=;-pD3EX6A$vqau+G^`h@dyO4V~UdD@O-&H+gStoiz9 z0&TPk1eNXtyVXjz7vQj1WzeN)PW0xJq$d?Ry&|^iZ2)*BQ+sXor)1sZu{`bOXL`mx zP=k5S&c8cc;ALC+^?tn-`-V-v0^oRA9rHv8feAJCBHNSS{pQXfSA4^Lx!!vEXW+;{ z>sxo+*4rs`adpTUc^jJc%>+d=_i2Dq5Yp@9gLa{`p$v-0Y=8Csx|`W6PG{lXaq)?#-aq@sGtWC`d0?^W1Lu}o zZa2K9e$z-@3?za|&)J_7bW@D7B+-D9l4VZQ2^Rf?Tnhl*6fu5!+RaoyTA)ebr@jtU z@xjJ4%V9n^&IzKNo+FG{I$)h`+_W)CA_}S-6gNHp?ZHSwOFQ($B<^Zy zL4s{aHI&j}wb4)Dq5r(V*7My*LG8)KbZ+6#uKI)A-YkjjFYk#x&zE`?qmMasPjBLE zSUE}Ze8E#ZFUAZ^JR`D?geUX0+eI1M{!*XTKBONHQ{_FFcFB$Rk*}5=BV1Ui$@|sb z$_NI?uFI|}P=)sg;U)Q(JL($8Kcmto?>XM2UPo!R(Ep_NNvx54-j@8x5P4ou)qJo& zP9#P~p%sxhu7H-`38+bshNUqC4xy`a80aqyfi8==R!hnmY-4j%G+U1)ymgaPQf^?P zeVX63F6ek+D%y%PiG9-!O7+-{EnTIIUbrZ~Btg$cf-5DU%Qjb_bRlK=pO^8NPk(X= zQg+WZDC1-zz`3&8_pp?(Y!$}TVTb%|a)NYYHeLA^1jvgs1C>gD#R1uD7#-pGrn|s7B!V;IwF3jNE+o>;%$0s`A4h1KCGq|0b~yhf&GSc zC1giE``0=fZeB)O!xR;*te*-qhUko+jhRX`BjOafQw5lKB}Q~pdrerKr{KGT!-%AR|u3GL>y>04DXJx4IvjudivP28&w@TA0ft3LwG;~`TU zCZ2U|xiE4&EopN2-hWVw;Sx=hGHc03%oJj-+rREqkX+-2xU=PBPfzZC)XyDgb`Y%D z(07w3{3|4gb#E5f^f8_5w4M@~0PNz#!}ci7fzcu`pz+5z5sxyGTxcf0tnUMh?8ctA zi3UO3B^A4N3bvO{ge#914yqxYQmzAtn--g$lxAD4%B=u985;A1r2L}GTf7P13s!Am z*Mi(GHfx$1xO|TuD@#@J;ai+U=s`;hH>gO}EaMRRGFZ(siV3PYAUASW(zr+2FKVm4 z97KXy;lp+g#F#;-)hP-Z$NtV=a&y|PVp-Mi{IKE7&Em@Uzxb(XTN})?j$=?$LP#6O!#0RGDOf8+=xmQ?X(aR^RZYRFv6_yK zW*ZXrqWOyu&v1oTtyW}&>Zjq$TanS;;wZw7)NHfJL^=)42>~J6RCllwQ4-g%q4(g) zl(m&z%W?vmWs-Swhvc^bV(>W%G<#4qEhEt^eJ!<#AkCq9PARhhcIJ2L+rs9YYmqXY z;+*=SLXA!&OjFgs2>IrM_isKUM3EWI zKG?Sj_V<2F@)^>EzTVAa(uEQD&Aw{*k0Bbpb(2{u9lIqB@Ev7+NzKs9{s4NS+2)88 zLiWY@1}%fqy#Xa}$j9tZSd_K1vMG*}4&nJpC!>5=NZR@c76gDe9F!5Ps~bCq5bpq} z_{CZXuLPbugU!GNF@Y>RQymDJ9c+SEg>#5aU5^f26^$gX0w6nTVxkm(kdL{vf<{mc zAv<_CWry(V*L_M@lU1c0ljs^9JLFaWehjWYuFDXi5r$#!ajS1)g^z!*!7+k2=7iiu z;h^qOV48~EGF)pRGiw%>>E+GwG-F%>QZ9f_Yxl00d`w3JjI*#M95D+IEaVz?N4>hir2wp& zTk>iOP}n<%eI>Lj_LT7T0V#a|9W=ecZwBaLw8PE`rq%;&__S;C{6%1W8Ab90(*yl^ ziE;5`Ak&C1XlpFV*q%e0M)bl_Y7l32K|gFo8(OCIchr7i6@Ies3n>2oZjW=MYMj1* z6?ro3!?NF@0zkS+o06{hd=~i+9K&Scg$eibl|y#4KnugNnL&EvhmkYH3El=g`&N<>oZt;TnRCP=`-6>-w$CcHT9Zrp`60X3|e>b)%w@ z5U`nd;;74YqD{Lui%mX5uI@C*8!#3nzkMFUgNeitk5-gbl0}3RAKud$z zkH%-Se0#jOzm;Vc$2`-PJ!{s`S90wRgp=CN*rTWq65=B#lS%M6y;z%H zYQrR(n3y~61zQwFD-chRQ!`t`Rt_xg2rWf$STuMh=T z^-8DXCElyzD{G5hscKLt zD6cc=#0!wyXDWrrYM{nAw><`%_WZS*!VjmjEMA#ND8-YoJG;O7;&%Gde#eCx5C@Y< zFr$${XB!r3Gn4faCc}boq7<^=7G?k9&Jf(^CT7DQ@Qy; z*^CKQ5GX`eJZ7vEDFz8_D^0*+hO=F3ikRa4^pTO1`={raJB*BBKgxC|c{rXG9md7N zQgm~3(-jKZT;kmHX|z7u9gc#}WDNPABB)GZyXUmkXHfvE=*k+@ZV~hEZ4AZfSv|(k zWPbdJc3TY5&n83TgxDWbDug2q+1Sv{1>=qnEoLzp9g%j|;J_@MI!>}66FU9&Qc>x1 z!y{kQj0k?xxwc5EOeoxk35ZCd&#ykiLqpc6N)nK%^- z-BS+uAuD_5s&8bJf2IH5CZ2yi5SpT(e5qeDaV_j|q8B2tuqgcmCF&6=d>{*KYNXEbt7V2G47Xy-4JsdWzaB=2kZKSlmM}DMI$WY*|=x}9N zo@ZZPL7wU<4f{YrAd5XH)K8Lpb8%VJ=OH0b9WSXm5RW(1X?i&BC>lF=EQ&MoBar-Q z9`5MzJubNZ`CsAMVgi&S&)39Vj{f9VcMX&b&K62qUH#%$6{MxDNv7!daE>AQ_x~W~ zKq{`;@C3@re4Sn+QJ#zY`O4wt2RO?H$J=Nvw2MM~hGts%*P6%s&;>CxM@Vp`$hN?a z8FmUZ4G1a%zd<=pCH^G|fET)lWP_h$;~vE-zxFSy=ybwszK}xkFZea^()7#G)RuPKm{7Y z<QOHKcdY{7=<3VVo~UYI;u-=-V+0zG zY%l&l!aOu0Es6HE@8E`t!8|vdM$tJY4e8%}^m}5Tz~oYKh(L-ZokGw8+wv-F&G=70 zlrClcIRbhjd`R&RHmKc^m^lAE=JtDK9_M{HV*mFWVBGF4C)6kf_Yw=uoBr!pnoc=} zFK}W=;MG{3FQK?%^cXCv#d(TwL)Bmz85z>8+fI^nKD(!${v2beXj!0%Y}mY4x*9rA ziX5z1s)kOS0=hKW1U#?}jSOU+E=I^{uSz>}zS)`P?Ba5=Qg0&Qk@q@nl&cj($XNn{ zWuV*2@VH;yhtvJlBV{1s_w>5#NqPzEeCS*cjh7C`q) z+jP2Jl!5%?7sBkIK&%eJ#zL{{@YNd1lg^b3-g3`-^f5-dd_7o%6Cr&TVt#cQYHE^O zv0efZ78$rcasy{)2(w~ZrM+`3>shXt2DZdPF}<+`eDH?6yZ{b|ttzNd5W^(!a5`53 zgtRb*Q7-Vp4vSuQjz-GuXUVP?Nf!flb@5SKe${FS8K0O?6M%~w3`5l*`Ec5< zH<2u^uDTGFye_-o$7=JNa}TUfpbZMZhd?7*ww)~O4vU&3k<}#zHQ5In|Dqz=|9lB< zr*5*B6d+zE3+-tBjU&v8;7f7`K?SsRzj2aBBM^N43z;e4+p$IzOud3a%%fN+5mN^8 z8wX(`m>&q&hJX6p{!mxP@#G^30*hcpAr+`<;ztu%uF?{nNMkOAghiQoyjVX0!7vJN z4SW(LVhF@R42vENy84BjoE+lNuLyA=f6+g*iAt5=dI-ucw6 znI5X7p}s||xbK5K*yoB?$4!(;D?1su{XvMIVH!wv+8GFC2ifYs9%ebfSpi$glgSND#esOHLnC?>zG)R#K*DeWu1QBf1Q9 zOocU7G0BQ-a6?64TB@pIAY4YFhJkO2{+=AE_w!#5E=a+wobp}G0Tl&)H7k5@eD-KJ z5zu11u)4ak>4iz^&-IVs0-{NzeB%ZsZnLW2W&6?G{_mu6hwUC~tqqhMseN=liogP1 zGpX(N;7-LDU#L7!tR0rew|W|#fSZJbRJzPD0tjv=1lZ4pd@DjW^JsrS^)vF9J@;*2 zNmPMnvhKSnUYWD-jxCpIewmrz5%h_9G@=WHxQ=`tK{u<`J>>6op+w&d!LV^~=GK~R ztU!kK*6qCf{CXE#Bj4AAufsWZ6AEd4En>~=4h0Xt$Ld!Z?hO-g#0dhOxxD%ii_^so zuXZS`x9C!olQ2zMknPp^@TMc^k@xdO!;V2N=q07Oe%e-GS)2~?X$@DE5uoO;bE5jB zjuHqr>p?BX)RCP-*ol4S-gnlI=e@Wl|4%_#DZ{}x6_ z7Tr|;z6EVWF!bnoNzejvCEvR#s+>b#dCZEmuS4X4qZ1A zne0}|G4PiC60hmJc)*VM7jGiKBe<`-agIF)lVmYyhB(rDpQYwi(QS1fE z`dt(OnC76iiX95FJsRC1k=bt_*s;H zZ(&84IX009*vH&YW0I_g8Av2!iSoH!4#kL2X*DHyYwz`%&~d$7@xh4{=s+zAxZwDl zI}|uPzTGp@8`9u9^$G$nVykoCZI+^IdS0!ABv3o^ZA=1SFa{{ti?{>{38lCEKYd*j z<)}^xD?JQ7yJ@b&p-N^ML|?yZOCjcX2nh|1dK@2&wJMFs?Xy&;Ku}GU0AG%BQ}{u0 zY>Iv(&g@`L5N+lbPOMJsIhTmV7)sCiH??)z<3CuC{CGdQtGo!)9{6?!0VQ=brt#0pm?xXBNA7%+iv{LpuUP3}2 z7*vuU|5^r~w!9TyssPINdi{_SZwY;a@Ts#?jJ~*bL!rO^rxs^ND|3aQV(0iLX+{-% zSG2mB68!Wr`#gR`*>mJ66b(Z;l@ia^XLC9HVFsC=>u}Yj-cL!iZ=<38|2x%xrpi!( zW8{iwP*Rq*JuioZt__G&`6Kjfngp@MVBS(~PyJTk(TJSxcR_3-+wa2HbNmS zT0skF$SVjrrIw=_d`EQw)jx=0-AoyGuXk|_TORtq_u5Ahy?CG&vRfkRV8tM#sQ$A zq3an5K$I;TTb9QyIrb83;EHi{y<{N`iyS7VcTBgtqk1R-|T zxx4r71$$5Y*~oBrTa9C5vw*M~j09a!Z^`jmf6vTRhhoRZ3>&7botsQ&p;RkVBtPLV z4#m7y(`4uG#*~{niC{Hz!Kyup-o>Hr3I|U!5jTuYl;1xt$c^JPKt+r!VXGWG{*$Tb zg-;}h5~SJ`ZjeRZ2$^F0E3o2zT#7`Cc=(bzLNKvAo@gzsI}VpwzX)^^9=kxroX+bNqqd&04Xh4@X024syslqZxOo>0x#M%F3M zc)HS+w1~YZ#vv9g(Dg*DSpMSbc(tUaeZ36j>>{hc?R=!57<0T_Yjv_wj&*ZO{oQ)? zyKtuX=Z_Lw?pwv+C!XJ3xbmbWgWjC9bfu~<1giC3q6qi?LZ8)ILhrh;w2}H6ftlBer0cl}RBYB9Z@@tR$^ ztdN2z#+zcauyq<(rJ<;0ReweE+e(I8d`G~DB2p+!Pf37H0@fEXYVR*vLSDFzCAh%Z z{mU;s0ObAoYOb*Q9rBl8SX3FOKW`Rsro6Yw6Cw{m{3jHt;loK9yU#G z^rsR*5&Ciue+mY1NP$K|BGC!d5uTl`RRjOMYrTdV{F~S2>nYGl-G!e)ZNd}yj$f^H zo8~i8d^dXhCa8X57tv|5r_7*Q70p0~dbuXF&cQ_PP7aqtv^^H~Lw_ro*MOV=sKw|- zKja!XP%PHgf(zLFi-O>VA;d30{Hx+ZXeX8Y`jFT#tb5j5w$;ipk$TNS zr2E|)8=h{4WC#Z_rDU|^^X~nfi)D$+l3}B81RN$h4HH^-a=Fagm8xqgi}bLx15c_4 zznL}u`IuCsKSi?+vbB#)&jo`!@Rf z81h&E&d8}MWJ<{+z(7)Z?5#SW7$E)UG8*S{Xr^@bUb~HD8gXa;nBa|m7CS+HS35TG zt7?8!Shk6$n;hPY0WKzKsN+FH5<$mOwfj#b{ITijI9*-cV-Vp7a4?R|pxahwj}bf? zM=A(|8f@C+kM3LgAs~V*+@}kr-yNApD(NplJ{@d%z0yk;XF%S3Y2{Bfuy(VC2FQb&1LMnFU+gyUokI?>+mHYuP92W0grdG zJjv#lAuE`Q)ja4FCXLPG+rs*gc?54GgLdLTIJ{;;m+ zwvq$RSABW@k-!V|ndkshqldr!kn}`|*j{(wKM=U1xNuzf-rvuiuySx*a8?mdj(;RK zM&qT*i-|SpCW|i3p3wb3GRf7!CGh@gk5vX7!TfFIoaTyMSz{7bt5AznJYz9ie;zHafPdZgeaFXJglWWIb3uxUU?;C&}grD zEyCN`Pv_gEca(k0zPrpy3MdZu8*{xvF|YA&euiU9dwJXui<2J`*ZXW z9Q3xqP3ZsL_^#Dk(dXa}?#7XBlw^Buk$+0MTTU;j-ESsCt2U`p@2q%uzgU}XImfTA zr)4%>%AchIMYBT6>{iRSb)2cX^zsy?dAcmvwFJbYuq|jDe*Elpk^Li3IN>)GQi@Bdt znI@UDn;ji5uJ|j!%LR;EZ|nA}F|aU9SIou5pR3)gh%)Dd)B!QWb-?n#Z4FLceogp<=m+-|TjrLUIGiY?ZvLB7@aT z-9fEtDIl}yRCpA{wy+XcVOE2b9bI(iOPSpA^q2 zQvOknRrb)S6>X~~GgYY(3*P(jcj8Y@u|L5-B)`9!QRTi*RXi(=?}Tz>ICDjca~V?< zD#o0bnNIJ%xEisJ6b2X49#r3(8zD!H^Bw4hSl;ImQD^^_gOftd1xTQp+&OmD)-s2N zgp>`=$>?EtL&pt`S$^`o%D?%B5CjEq!?k&v7UYG4b-3(dbVtI`;%eN4Vp)_9S=+WW zq@2xs@Gc+J8}#qqrtqgmwnyflD8MLCSg=ge_cWhz3q?xyOdYgE-g?*Rl1s%q{*~-7_jnsS_#%tL-K8O2TXK`H`%Xl56pKcM{Z1qawbC4 z{CR|~Jh;|HcXWH0)^zq{*x~)2qU&0{Z&E)#xJuMh`a=hG zJbjY>w`Z!1fZxOIZ2^;3L%30-!Q-k5M$BUlMkEywP(9QnN}?q%$s)0wn# zM?fz20H|lpIf@vtjSDd6i$Bkaii}K*lG_-DJ+&KwU{#T)Wl&_}-{iv*W{&%*lAK;i zhh0CDNKWxSwe!L}My`jn_{@d*5G4#D~3w6nvL0^(aBJ?7=7zYxn!{{zRp)!6tH)W8zLRuU>QCcMjX+7bdNI zGUKM;`?csn!`4~rwx2AcMvZE%)34u2v=e$k7!zzh&(~0%G;*0@UDKYue$vyZBHQI< zPGArm3V9}1pR>g-qx;tm^&siSV`sHl*5**QL`%6#OG46o))i?_YC>3;T+;$w?%8Vb zwBf7gpCeX*B0LK=O<7!A&hGrj=ZKZ8@xe#Vn(V?PNjG>FuPBdvv_CCyQr*R&H1+PW zlZ%TfbEUWm{W0HurKQzIBBt1#$+ye2Cnj0O>?-Yl6C|gAn%;RKZ~Ck~+V_8$H1N@F zviM3{@s>e*z;r+nR`789(pw_CK4AH|-4A%P49R}86m!Lp8(^$^3Hw5?kYNul!y|VM zSI376>X7+(OA+l}RwQDOoW% zk`=`ZOI$J}+%!c~&x5!TC-Or!9x@=!=1RU+Tz53s#bD-R9-X2}A$lxL9!0Mg&4r$O zC@!fo7zuUAg>3aK17nYa`x*hph-j%FPh~DJOyCPjg2`BRqQ~@gwwS2-CEqyPj5`8+ z7YJX4_BWKmx0gVnH=0mLWz`&Dv%x$x#SVRJ_1A>Q&#`kO zr})RPHch|uVufGg&mZ(NEmvBs{=GXP1kHE(6Hkw}F{Lzrz$azBocL>mcmuwjTy-Sg@n zf#Lg(h>>MdGEK)V%c>;BD&vJo9G-Nx9$t{Wg1cF}4^jR()1I=@qAs}DweH5ANSg|$ z+%nw9yrEF~!hIa@TtmJfw{s82db@pbs-rB@#5-6|lpXI2fxOz$$-Io-m=bRPXeD9C zY^hqNdJ=9oCN2b6Q6CqyyUta>#F2|+g1(c4=|sZQ#R07{O4@Kq%b?O{RJCG#!-CjQ z^el^KJFN-SM14^LJpCe+@#P(4$ifdFE!PUBc8ly8Gdb&5@SF z(g~?{Om$m7=1na66auS~f%&_3`ZApCpi*=g!S<2D+0n@YbnV9Idc<*qnpHn|S8_W> z<8eLX*WhV7PlFn22D;PwJ@f66_o}OqO8Q#6N|ObDh#!djYdSsMi9~cueoO7x?q`oT zA^8R@_!&(fx&2`cFQv%HNo_W;?$h#g&Alx8X6(y8e?jTgmIz-m;X6}2AKP0v*>3&a z&I^ze(;{kn_Fb;fVR%?~eAPz2{D98g|5vvj7t0phRBKAECbx`dM04=f)BCy3>6$~C zrpL1c&HcNo?isI`Lvy<_4&tG?o%ehrZQOwfDd~2$muCvVqnQ}OVGAF}9+R1M=f&^* zVMiQ}zTS2KQ>z6sssxYQ_G7lp?i(<@!F}$tA)L8gIRpj+mnfT6xuu|>i8I$IgQNV@!`0K#v2HBs z@`Cq#2-_5e2*4;h=RQqGivBnnNndHi1z6fl^~N$Ck#4fswPr-9Eh`bael9j zRgVs}1nuvW=b>sTC8G0Oj;53h4fDL>?(R<)W%(7(!F<#3@O5Fq*U3RGqLQs@_QsqU z&m#pOFag8U9&?RS&0S@_Gg9d5PE*9cX!+>X53Th-?JdW3M@knTU9~X@tfmy)SnvJY z`uY0!n8K0b=)8+NM3>U~ZP%6E`AUYDOx3TWl3=(Ht_I^_(o&dZOV!tze{N6z<`(6# z<{DF(a@cq75|hfiB_96PrWg$iMBnkZKM9w*fi3vNMo}hVq+oQ#b)iQjh>P9Rxg9sy zTKc9@qkB_ncfFy@*MLBBU>6VuQ4XTl0zQGh9Uckp4sdBV-#^~pO+84c<=&S;_0`$U zPIogBlAy!%Y=;SzUO(TABM_O?c_)d*Gx@0C3Jb#n8XOG_9IZ|b;uVvWX+;KwY|82N z7oVpwpw3Qo@qnIQYnW&>(iruuf?}yKP1A0&M$9ZefH;gI&#VZsgRe#RM9y)OvIDa_VLG!!1hQwx978EGHe(pYiih6 zHcn1X28|jbwMz9Ek7Ml&m$EDxAd7eFMCzBUD!%vZ{lgv5pWK}v<%SCYg9`|#{?B2A zJf7d%t;79_>y(8{?zvhh69nLZzz6~>+4SO_Y~sMQK4q2 zd>&3w^?ZqamF+smypyi*3{VhcU=U=6=KoHPAk1pYo8cYWBdE&r!=5Heij>7iM>>3r z)tDtB4ekk(xb#^Q>ozFk%v*oXEx?HW|GfYzJ@lnwzx>{9)a^u4Ew2p2tBA!;VB%TT zhwuNr%f_Ub{3zi)vh`!%A1989!c#Jn)oh$9QRcH@$s<|A1Fj^|K-YCXGE9KjE;s+G zX;ZL__`i`k`Im*B9%)C#^*27>xBRA5_jbpWd3J{Eqq+7x4wL5!a<8GDp15X{Va6ku{mb05d;uh$SmwN|MKE zH-sqhC=|O`HckHA38vO21=ia^K_?(gSc;%Kyl38WG*A2AR{(=BC(px2rE2{Njl&#k zh`Rre=lXZOq$T-?YnexbsbFyQ?;9sKjbzTSCXOgMW z!M2eV5Wju@)ZiEHXp}&riS|Lii|mAEfTZ(^7SEU0sX6|Dqu>Bn3=fa15+n%{3X$=C zA)yHS)3e^PRR?l2xl*NMczs3w=u?oZM=u5|GN=!AsrKapphT^V8d&J=z z!vAO~hfAR&goQPB-|r%vTAG#EK1j$K zeP#izrLnQ`UZmma=MnN(gP!c4$b=GKzrM}_RS*V+kz|k1jO$ufB1SaMBR=FW?)ML0 z+^F$*)8@2(LXYb#rEIWrE2ehEI@=5toi>_k4Qqx#ktRR~(cH0WC`XGJc-8bC*c4!4WU)vovr zELvQa*7~ya^_9gO=QNkpqY?I5X^$hHC@!V?l9O^FISprQ3f6ij+bx`%{$N;Vyk8oI z%N1%-r%Tl~e@rln>cvSwH|alE;-CW9eZYN7ccz3Fh5E+fRV&{}CbfNoGF#tf#&v>D zbr`|rJjw8lTWnXup<%*Axcz~AUqA{F7!)F@3^of6LK8`H3Vw0T+GaLi4=lw5A^@lsmcdNxI=t zMtqK%Y|7S+$*f*DJMHgby2CBexk%aRhSLtz{Q4JJ0f&6?U6pXtq~es(X?DD|G#X(BFLH^UxG;C9I-)og%{l0s7FwDf4s1L89*Fd~{evJ#hV^?vXXN&d;!@(Q zwAqT``G;F)0boQlXoaOko#V`H!Jq(yhSS_;x_!1L_I!45+HKc~O}dzF<7f-GSF{1a z^?1CqQ7+bgC@C%7Y*unWz*8fRk`ztWv!4y83tq!_z=ze=} z=!QGWgzUo0nsggu$Np`s)8fNcPtyIE>uaKDc=f8lJx7Q5)_mWIMR!%lWaWjHM`?dD zTf*UU&0Kgvgv#gy(%I7LVhVG0JqIDj>$u-HoB<2t-zRdPkeP2?yx5ND@>~}p`Z^}A z@{EXxNN%HeGJjkCd}6Pb@jc}RrGc1ef-l3vr=B(dxRm|)_cRJa8EijVArEpYwE-er zTv0Ij3uKVBs^9gdZl8A|5K$yZE? zE-x?F-g!uA+HM{tKI%%;9v=9~Hy@oTn@xsYq}fAI@QDlmrO8lP0{h*oI32}av2~$} z51*Ty?OeY`er5iWci-{-c+O9M*Fq&De`lof!Th@OqS4OjpFit=qL{sp_)-0!(CF6a zr($?Tj_vL3Vt>Mh40^9G4)Du+@2(G8L2X7baQ;evekqm_da^Ct>$O@;wV?{YX^n$Lu595JA3DtDGVH(7xFwpT<)q@{mwyBG$Sdn zr@ys+_i07mJR&LpXlkDsx7AXTj`QC)2kzmf=*kJsTcevy|~3HS&%&CjHN{3 z=YnDE5fv5B=bAn1^-rFYrlLH~KHwfjFNC0(2O*8pGqBAx_tXKladAtIDIQ(kle63x;t*6EI#z|nFk zKJ7V@E~Lg?=?jj}lvA}GUM9AP&!0cPuQ<`JHXQ?8RFP!x<5R#8_mc!tQc@PF5&HL- zWqf29*feq^nmX^N)1WR;%aU9E2nffm@9M^(#$s(cXcavbdQ%<phmTwLm$e-%bQ(k~-auJnUYO+65<` z0OE+eo~Xci_p@&W1!l#XG6|@jb$e+t#Xoo*R~KB*c4rdcUq@X{1K_`aTR`(V-EjMR z)kR!mdrf-P0oM_}G$t7OYaM$^;^0XBD_>0DFy36ybW4!Kqe!#70duGW!_>>mu~?w- zBP?`0xQah?WK}3-!?_;wk9w;GDi4-&y}j4Gcb%mr`Rq&N65PmzSFp{aMb~9|5WgB9 zP>u+sa=t@3>fhtFp6gv%Bj=*8Wn*Fr0-_Uz60P!hmJR_;derXUG|mRxF>}9EEvVd> zo_;+b{Al*^V*u%AQA^yz!9B$sZyiY*O_FW_F7sCU0-!>yW*JS1naz>GDK=2_k)rOdv)(?h;&4eTe<&LgH~j~MpVM@OIB0LeePyI? zRavB9&v+d0U;ZGe>MUn$>5cWzu?>d>gv4~rq1dj_qLF|PM?s=@M>@QlMCm~mqYm=j z2Uk3ag7B60;JwA@hNDRfyI1`Kh^ zvb&YfIE6a3mfS$kB9Q9!XF;Ih9Tvy4BHj8jay3(Bk^`9`43bd7=%y;c=g(EjikE6E zVhAG0<$^wcuAZs1U+d=T6&PtYQI4+M$o~poO2>dL4a=4=kGksYKbgdUiXuTpshJ^~ z%+w8HH(di5mTt>?obS3-3Y5~;n>s;uGX~DqjZxl%oFO>T4am;~mvo*hr^8}-K4?BE z)Wh?JMH~T4(CJ`FsDb+T&DBX2=DBc-+mZO6j-jjB>OP5$jsCcpA5l_8nuBjB_o9X} zL|TVVM&(*bUgMmmamGfX{2PL(JoKxk=rde_3jTxB_KrDN>>%V|vgmc^sx`mOdZ}*x z7SIwpoo=Z%Tn0R(hchiAEt6{<1KV=wAtQ>3imFWMVYwzbDb{As@HdZV)z0O6?cOqN zfWOwxQhTvK&*%>GzTuaGRlOfz&`Q$9$0XA57g^a8Blhq1p>%HnUQ^#d&fp(daupcXMT_z3yvd$~ zQh0OKf|tJT>BxH%ygpB@YP-Qyf$An(jQhMVsGCM(R&dzYBIPmH=}Fzf4?4Ij^igQs zF+{o6yHA*P6!U6RD*v27?aAT5vnE&2-v!+N3c7No76S%Gh-rH~G+cXv1@d9Bgi za_cc#W#+_dKNqZie0QfbeaaYBkGB3?kWo23R$_>dMKiXfR3LUZjzz1`u+lqDoGxrG~(yoj=0Vw)yQoO@`*_hyH81E(~>x9k;@S=Qu<&B4G`e`I-);d7@g z{F0foS6ArI&uW=r&W*%mz2yw=zpp|T#Qh&7eb-558<|_0Z~ByRuQI`t{&Mgn$UU7C zn#=x#ynxq_e96Y?%-h^j1Z88M1lfDJZBSk`Mq-vcAh5pUoiZJqatS@apXLD4vFZeP z$0T2fZB`Hb-J89n`PrP_AB@avf|W91LRoqjlXWA)*9sv$Ahqp(6Sp_^>rFgB_Me`g zKH)l7KRzsMXpUf&)5dI3Y|<)L4?aIwRwj>4^O=9NI;8fZNe+z)tD?4(AD6o+twmcEV*Zg>g2O(gfpLZjR-d zZ`{lih?(tFj!Ahed(94E^4Qmo=X=`QQ)`z|Kr1;8r|WxPNgN4o67eL8p(0GW#1-L_Ji<%!w#BIiXwgd1%+{k3T69)x7? zM_tbIhm(2al_=hpKf`!q&@em`>mCmhtMBA$n>GE<8+9W2M@w1Yvp~r@R%0=-^=I*W zW1rRES<>bC0KqRJeB?-J1yOCH)TQVILn%>^PZ>c)iWavfu#q{mAj8+42gHe2=;p%@ z`Xr{BEq_jU*n^%AGv)Zi2W>N6To7BMGtHe#-s^?+0P31>G2`WbJLSGy9 z;8Qid>sI6@RaNiny*9rG>e-U$e}QZ;sNVMGY{oEnzU6H@gdUyEuthIq93V8KKq*Mu zfcb>$OQX{^?Lt=&)u^F?{Q_7xLzSW?<>a>7z3DQPa<;P-SuoSePUErY?v5#|d@uLv zHd7ATo)!~^!4N4fj*z!mLmx9|CkmAF+I~~-HMtdueMT9d=&j`WDKQZG^GzmKIYPhH zm%POylHt#y3z7qTMKgImtBvN;8@wMr&)Y@Y)S$N%! zSI2pUypIeG+KkQd;8j%o#D9MM%C0|@{y7~*+?LzvaM z{0p<;Sd0v}Bcc(%FMhsx=oNu|106~1i|%4~V$9cRCfmF#SHJ1nFihQs=>kfJdblg2 zxf!Xe-w#N$Zn+6l*uG3uQ_iJzaI3_^pw@rqXFimVsekf`cIo6LeK&^9EXda+4L_d6 z8Q{SrM+|xSd1OeG9$zmOq6iofH=)zc#O)nK^9*rD881HwTJ-Pw0t-7F$N z5ibigX0e;EZhKZe2>iO>Ft-CUBEJtaWpQv=boGyv&w7qb)CT^8w7zS^&$3_DV>j^! z20FWoVUq=(tbTKU_=rGuI>cd-3yWfNFewH&S(zr%gZ9Yt-q5SLUO&gUC(3oD*lNn|L2a?@PRV=p~OG)9HhD7-39) z*Gt(HHT`$#x0Lci>x~R5>Sdtczvy&U0QsmZvhB+zM|*8e3$^A=cTi$Dr}&m#F2@y} z_;qJc7cr-CoKq-n^l@?!A#(}QeJaPJF=9G~>yoPma=eb`(rBZSCx=+8X>h#n`MumX z8E?8MVuU|>Xk)jAT>0$?ZHRtp55`NEYc^v(BU=3uYhwD5kfq@Lb!S4OR~boh1YRZK zyDu{u!h!SD;_HPYp+4-!@4AClcS(i|CN(-;Lh&f`!TrNP_BC)im>M?EPPA6|9!>RG z`R*NKK3yl;SZTg$dO_2pqmq<`{D{*1=Aks2yNbwaG9&=1RM47439zA5Zv|~W}-dx>vpsCR<*GnOH6{?hgP3xt?Nle zEZ(94;=IpDXj}NQJFejjffZ*Z%E6DKFCh$f4Qkl%?#myl4Q5OcwBKU6Z~A9yNDq_e z-xg9d8b{CL-lvvVR@x25Fe>l8YP!eTFlx8ia$j0nI&xS$wT3>%pFg_l7SZZg9Jp{X zc2?Q>r1cLpN4};x?4B|av6hzqFRcA9c2=N9LbiawO#b6z5a>Fx=Tq=gL~}SV7~X$5 zjjt~{l$u)6H}LC!82CRvA_DxhUpX^o`rqvle?Rv_g65(hMiTzZ3;qSqdr{ygp>x4G z%zrG#KM0)x*VmUDnX>BB|J`5cv9E7UkAY0e|BbB;3c-zJXp_+Vzx!9nfS=B1cgDmwSBJZI?t z^HLCGG+F!=8kYaN|12H&$#c)S=E?uP)c>z1jh}vcOEpKD-UVYujQSPCC@U+reNm{7 z`x`ohI+6==xtPjj)B6w*RtAu5<1b0|vazNIP}7lQ(16w;&$i_@eu3uc{_Vc+IoMur zd_~pO3HIl|Cm_m>h=(%@?(1ym84DyoN)r{*P+IIm4{fT>DJS3F8o~|rzPs*c15|VT z0-rHDBO?RlL+~@isph+nhlYlhiM2a3u@lF_3^Hln3Xd>S+=#lFDI!}uXl~c{w)1DW zPo6N7Id7g@?@WB>`}oorI#p`8d`=od^zRnZXsLqEav|Mm^Ys(ETjtF=apfvv2jq;@ zZ?VCa`<)rYb&4kW2q)Kgb#?W0|8RA(R+sNDDCy`M8&hrY{~rr`ftz@Fdr{-P*eEIg z>~)=0_J!R8sG1y7NyTe9?5oH0nQqk1_^f&rz9`;T^nf;2xZn!^Z$BzLJ>1YTRBe`& zc3+q%DEQ%zk#Y$&LG}9rYz&{Poe&>gvJ1^P0Tqz}bGa(3E<4VUPW9(?@zi zY;0_}-L_O5E)HcQ8}zzDNUmOqJ|rF#Lz0;NZ}23?qJqI$yT93VR0@XE`sRCNIE0k` zI|9^{e6{oQ)0#{@xIWw-7g7PR`L_35ISR=+=K*TfRjZyY!0(U z+3^Ptk?}!r{#lpr6ZFB17lG5I`X%v~Q<-9uS~q`g-*sd5XNZUpvc6Gi4t#+7oDmuN zn2%90mLBj>-l-vk97@|=hHW?S{Xlg5^)o$j1$Lb(=!yNIFfzi_U*OJy3be4tM&ks# zqeb{5Xdq$ICa0I0%!lVTfGAN+nTZd&B#6#qRT?PEl|j|AZ=4W8dV z(W$kNfTa$(sIgWFIR33kix#a$Y(eTPsN2p+ZZQ7Ff%5QvBs)bIo-T=Tob$0ZZJ;~i z=nSNjbI0%lvOSfO>C!26jLi|P2%s4I_sZOUN%uDrDSXyy_*mpzUy9XBi__PTpySC% zP!k>e`nAp456kJ~6voRAAk!~M;j@|L#NwtvOm-;UVFqrvqv?Eh%Nps{)neImlX8Kcl+HL52{Hz%Lhlfe8LS0E<#VwcK#v3%y)??kcU_H;DyV zrSS%PVyIdI81K%p)bjKCCuFPA_K0{r_#S0ku|qKAMuHG0(pCM2|=x#l7AqTd8pUmIPXwB#!E&E z!YGL}i&904xvx*&pB_d|Z8nHrU+h;;=VvbcdoqEai1&5a`Tk-_J_V=4(>Qj09ibj% zH1jkNGfjK;V(%o-NTBRY)|SkT`x~=A#YC8lRb1P+&prK}>fXeNNWot$Ql0A&AS)g=68F&JyZ00%B6KV`=RsL)dQV> z3&f9DAlJxd^$5m@`VY$n)_*>^pG>|ZN5p=XLTPaXgle8yi87x z&f~#~{3629v7b`5!{%CA3|RV|$k2lcc|i{Jm((B{zWzNH^@R`AFqzFlir z!taXr2e3bIr9R7z_%t-dX#H9D#4*1y^VJp*ww5yuo*jj#S~pRP_U&WbfGo$oKE zwA8CL+5TNNgt)BX!m8%a&5Zk$<&?>8cIV*;SDKpz@0J!*9icUHEJlTMbRBtkQ^|Qhb@BEY0f19R8X$2@@xt+FDLPA4hHP~3C z)uqEJ6~n{Bb;<>IK=~6`%_LSm+0=L_P;cc4+gy$3ogQzf6pVS*A$K~=TTioxMqiNhOpORqZ8n^%NXA$E{v-W)eVJNqu}3(VZ7DF@b+aYBlMG9Y znyymkAoOAu6r2mt3Cahv{pN+=eJ53I^%r0DuezYhyV&`|1_4kESA*5HuKQqJU<5u` zLNhX$^!~HWa-)=|%RyaQcNRT(qNe-`pg_2d7WixLV8+K|Jyie9Mi;Sr2bw?7S<7=U zA}y1BqYD36VuRC{RIW1x#-4tVJRsoJiMsR zD1HQBl@#!JP2@g6p1d&4t)mbujL@%n>*o>r0CC>SvOw_g@J_?f2!@e6el7^X%#R~P z)BqPVUi`=n8_gWCyBHdgekzVw8H#n)%*CbkaR2% zKcPVHl7-V;td`4!Eeg@d4O+w>{xc|L=y)(vA?Nwz+nT9H^o3T}2tjz(-qyGJ{U7x5 zOu(Llc`b8-hUx%NM9O6nWFY80?{j-Lvktk4J6 zo!iyGerBLUzC)|<1ppln9?44&Cxx(Ljg66SobRH){#|Hryu!&%6uG;U;8+9*$cA%^ z>+UpLv*(W#rUM{@kU#J+W)xrV3VL-Kyy(4qhF}IZ-w&q>FzD7f0WbG%uFkr|VB**2YVT?X zXKjg=md`;br2v=M%Sn_K;55D<1yt-G*rJr!+Jm%Vir4D)K*ZyzOW~`*9r!mZE7;)I z51<3kYh{3@6;YnFpMRryMqj=(qz(f+Fw_d8KG3I=nAtx_BVAlp&US4mh0g+j;!j&5 zw*kvSL-X`?B`*^xbWqv184hX`CRz9^EBJJ-U<=>8)1-s4c4q9!NMc!Z<6DR}w>w?@ zpW{}TApn4dYt6ayPyUZohjeO9_61Pp)i^`b5;um^QsffY*#dps&vK1f9}BFb__%iw zC+yCY7d)nyE0kCQmCKociX1R{w~F;t|EMUo;M!w*oSykE*2sdW5MY~x=o}blM4p}; z`i-%jRE3S&kA=K153>|>Wov$drt$gjRxh(i1lROE-crA1gZ>SoG4#g4A>|Ho5`p&> z`RMpiLLNM@s3^1zBJnmGh+)JD!|#~wH{%p=meIkj;6a=;(>X5V>1D>>pLb0MU40f4 z6YID5G!su7@YKf$FjERkYjLqKzABjrO7$FRtY26DFlG3D<00~{THVzIf~<@1)*pl{8TXkriV5O~BwksuVka^vS6?Q- zYQGR@xCgYy@lv{w=Q;~Vs1e61ka%WZ}g1Zb!!SDS!K~y+#N;cbX(FPmE$jo)1vv$;zT&_K7V+`rcFJFb4Z;bCnS zspW-u4FfK6{p|8yN?N)*h=SD^a7g$upj7XyuFBkZVDeTQ$exk`sG0~Ew5}j`Ev_NJ zY*FD;QkE?tBEdM{s-WNB4_ab02z;pfE-HdTsYmd2C3CK|SJrB7U^iUO#ecv16Yp6s zHfof(sdC^}kRZEJciA!|IzKMd%X@@Kq&3qwnd}p>B)XR#P(~B|P{MXTx#@9Ta+eu4 zduG_uL{5v49h@>9-}Df%>GTRH!N`ZYF*Gj)`bR)^x$aDZw!w1G*hy}0=SYKDEN9u+Zy!J}UcOy|L zB?svl1mu`#KGNO<-|G*}SSzKt@bW;Y}M)uf9C5pJ|A?)$xJ{8_XdGqVUPSi`f;O?fn z|KQ_Mj|m@*8zPTD2bc$g$tM;~$xNliMh7KYtt2f48zQ&{<`dKnQ_!u4+&{SQ2zIZ^ znSRiFQo&!rpAsF%>% z_weP>37O!gMggm)bC|?+MWs0iy?7q4P~YxNt@#`E>&d>Gi%QN21YKq((2jc2jpLqa zWc$(XKtRsW_8bKG9eQ?Ca%dH(sxuN5vaFJvPem}kq{J|}cVNeD1*+qC?kfi|c`wPmS62u!`Opna+(x7TT!pA$&tf&}WSBO9 z9w(3NLz5jNs1!{&JQmZpEz_uC??rV%27W>8K~-77Ab-t=25!`?U)H{L-bI|zND zsURd)_|?P}k82hW85&)kGh8>7&-<9NGl`Z}Hgon&MPvn;cbdu5T}vEr1_9Ch9R-r(O;@`nUlPknpn0G&wgotg|L> z3G6^+o~N&}+c2{O))CvJr{uMEmB3|1Lig4h`HvIR5=sfflOcb9ba;>vwxWEFSS9Y)UgtgV&Io0wA%PRNq4j#CcyWiSBS6`+{xy2Qxm zv^98eBk{H0s8y(-7Wlj!9D$ z7V5U|wOhmJda=DqoSLHq>UiKHEVRP|H2oufQK&$mn*vb6ei;JKsYxo6lmG}5U0^{{ zC*Y^H2e&7DA^(5~w7thCxdmNPaw{p;^YsPiN54fFd%s|S0eS#qKeJouOh!K>@+;M; z*G#EU*`orfKL||qA)6ye(15qCQ2wveL8~3x0Csu|2^>rY-PqQ5cR#eMj5^>xN3bBl zNKyKpP&eY>MtfaCY51E^co*eQFxAM{Puq^(Fe;|X_DG5P@S*~U_uD~h!6#!~RgjvB z_Je~ZKb6A4GEsDsU4L?})bM+JdWgQ|TQGO$GH=6Y)!)X<;>lI|8DpDhRB{L*ES?+0 z8u>>OHervMRI8q95X_@j9UV>q1r@i>Yju!(QrDv0)VseJy4j?vy=2$_t|ni(iiEh( z331^INpw>B(NY?(c*ULZw#p&At)C?cbNTefoQi-QMjgH?P|ss}i%8M1WFBU4{8X8OsH(=k0|jgPu?7TiQmDvx4~|l@B)0FGJ*)U# zad47P*CJxO=I6<~axlUDDZncWKDRUXgpyNG6afvZWd{+5o^1JAK<)p$wFhKuZ0xi- z@x%=%S$+~R9{tRqhDCULduuN9as&Appqtd-&7TC5;zU0OUO41=o8D$qs%ktPKI(rey@FS5}$Yk+{}W0}FEB%pJydxg`cJ?HyQ7k~8s!%61o zD~zukbQ(>9b=o6@?-EHv_{$MTX$>R5C(Z|tBr))N6F8{s?d-dVg1$KpgJix$X(ye2SW71X=7Se+fo8ck$-Y5z( z_RI^1PBcVu&ezD25|&%)-=d}?Q4(Z?l5C=F!{F+175pB1g z7v{rzKMC;h>Bw5$#%Oh#E#n?#-zONVmCn^p{WHKf>A(Otu90{usF6`oQFpS|{PkGH z|4K?r>r_a)aih&r`Arlkjfogj?H=@m<*?n~%J|%zr#$kjr`pfN|E_@m?2wS*2=bcA z8>WW=-I*#cA1?7A#}(D>A|?UGPrZ+p%5N_&Y&Fpx#%(&ubk;ugVUqe>7?FO|An-`f zkDo~MIFYeY$7?-Z&x$aJ*`KDj;UJ8a4AKKIy2DKIhZv7XJe@-4zYB{&^bp4|6Yya0 zUp*bQ;)rN?omu=##bS#y{CsDxwj@q4o09r1912veIRV>a)*1Ie;d|1JwJ6UISddX% za4D8EO0ls3f-{_~l_#!+U{p3|^+QmpBa@+ScR4f|-shozeeMJREju%6tp|oufrub6 zT#+ctDIf>{>d*GXz#{;|`-M{qWT*9KF;KtFfhv)U*i^i~!T@ChR0CRtZx4mpfvbKK zk97X2iq!|EF9GEWS!A1Y*%CeZJsekS%wdw(AIGCEq5cqR1xE_p7btsiKc*@vRmehA zTWd2P-yh2?u|1wwU5b*!L;Y3)*t&J$i!p);^cp-G34Rocz~j~6+s%;-L~@^K@LUc7 zV~MT|@6VsAV`^MqUaFMvT5mP~9%BA5{S|$D6#}->IfB3_S5~3Jc)Y?_; zgpFu8LwQ*_)x4c_b&UGZ1!9EEx$Yy(>mXX_WA*$`{brR{hzt(-_U^@|S_|YV=v~#{ zgQv%g`&~xP7m6}Zyxy64T@m#RatyROsytu=VbG*FM<#YM?Wh>$yKF z8^wEovq>(dd-edLAc_}0{gl+%lihQ8udyIm$h0Nvt`Z_ND3a_Y nmBe7iDlp5~ zLLA9QE)U%l)|rg9-k+92%43nO`GloPgMc5b)e_Lc_rri8 zG@tR$0dn$_F>z>etz}GVOfJU=s&`X5}!4Cyz1A}>TWGR5e7H@fNf;u;Y;iF^!;XNVC6%UT3rYA!8F zNoXl9#s>hWyn^iQ|45aQKNtOB=IGOgkrathHY*Ia-TcA3no%fZ5mZ?_asWKV$jAtR z3xn7A^7b2dX%yKR>=dq=7}?tm7I*GVV79<-dX)w_!e>u^OH}!P2^gQ_`7n5m6pQeR zXHfnc98Bom|GsPrE2Jq-=K|!HF!@e)p7KsRUQ7h}2sdLDqZk2YYR@G>povQeY=8pd zyfaN7j@3s*LLv)92-6L431Ir3jK1zg=Xcl@Bj*yLb7rkMQ+?DcTU)Y=jjmdbtU49G z2CdSV!h~r5SU>~`1EzV=S%5V4F$7fbGEmvtCY^!)cQuX$vo*wEhycq)0*(tjRp}+= zkP;;_v6j}(*Xox;+3qJy(tC0Lg~f;mKV3122$N0`qo#)@1Cy*a9myY!#BFpqdqyGb z6jZEP5+9u%i3%N$6?HoOkX&o@*k9(0>aJijv(_}kW8~g!{~~sgk%On4k_>i#TKk~p zdL5;i+e@v|oUPcP82t)WD09lwbUf@jp?9o3SdQqceGh0bFlq~Q%zD322hKBkzGIt2~OTU#-Gj7Kr0_{IV9|E@zvhML@NK~x4 zh6U8~D{%enAr70tJf{coK1`0%w!Z}0LfqdUGqjRR6>iR=5Rjgy_7fCKau~E^Qpn6q zOspXN{W@e$5Aah!fu(|340C;+Y-Ru{ov+LDH^##{P;fk+WEOM;y*;w%3WmUyzQ`V zYmFgOZ1d5nX?oGO6+Oz7y)gGGLbVg35kplWUMF1gzp3q%&Zo?BRGN-C=Jco1#x&AWk#-c3K6-2C!jm(-o=I1AY`#eAtD62c0 z%4Z{n0sXTLIO%Q^2~yk&eq^c=F$$_p4NIL#~ivy_XCF$`(H@{SY~Y zY%CHiGB~>(3-`GKwP!f_!S36|Y|HfvLsUz5)5Xvo`Iq>~~`Tie&?hpIQ zlV2^(j-4*@JAa{D!D=KIMzZTNrHiB|^IfRsTz5nS?T?V0Z|YEL3m1bMd7p?1RIR_B z*rr?{rad{{cRW>{FE4VPXg?<6_^~RG_)@tnZ?T7OqGvxqb%f#bdb8BLciwV*Xg(Gy zkz9F>nx^b5MzXLITO9M7G};`4S9lG^J$k>clJk~}p2bk`-)G>auTFlGdpYN9sUI?+ znH~%xNWV_>wg*Z4WDCfClITw3=-buS14JH&)Glv0#xTDjLr7^>qJ;53jyhDN_VBx| zDZiSw><$U$c3;9h+Z^AYSbr9f>2u{kkF_Tp#pUUN5C3LEXF1mHsEZlDu^knc+9|iM z=$SCuS8{DaYFM6ne0F%1c3f+DgyJ-FpM1ld_;R|#{c8A0^RY+MvLWaa)hlt}xIDt} zzr6t7V@zj~3%i@ouTFIuDAiHOXu&JTISHId7!J4#zHgaz8 zj>YdTsx>45x~%8Dl>AK7pN;uZ%Rc$Kpw$$PeU7)im%+rkm)PGq%jzT=yLowsyK(5f zrtRe56d$%SSFVwo>c5e7p3%QaoWY)7p(L96YS4+s;RjXJfX9 zK|pF$h{owf@twbCvdVe)(>t&|zCfRUNsB};^YvAQB3g(LvS>tG(9zLZTpe%x^R}Z9 zWCIJmEH}kDr?*dp@HolCYFRFn7-j#`vc54Gi09q5U-m{!_1CgVz z5lDUm8djd6kw|6gMo?NdYKV&lG`VFVvI#&MSJ%B?c$_Q)En|wJ;o)@nC*EPLu;sc{oer2UL=H_lfi8drOMTUbnTZ(;%0QFV~R* zf%k83%>D<+g01R4Mz0(q?cB(SIY(4nF(l}HCU<2U3Tho9T8Rt*oznDcF7oJ>afGVR zPOv4(5#EIEZ+he9*AA26jIIjFvV6}OZbKTrN<#ivHr@CST{*!_Z9@5v-XVeJ_C`m+ zGLaePN+a9X{nMo~YCZIVo$SxKVi{_^FGxHPIQ9Y6Uc1~QamX%x&mNZ6y&@Y~$Vz<-dm(bS_2_HwSG>poZTJZ0K*|2Yi zG)*lD)yo&I9dtXx0uyql=~UR!W?{%y@6Av2Ls4`-A=z5b0^t<`{_?ts_Q$ZWTk!rF zUx<^A4#1(Utr@4oQmng0LiE^T#RAzfWt=Zv1gn;BGQrMDH+^QonMvkyp z)-&8TS1c{RaHI_gb$pM2+LSw;Q0Ga)+Kwr~yXGBKK`)znm~t`u#f|Og zr?6HGnkK`c0p}a%K3PG}+ixCh5x8y0Ba{;ZT1GoO2mq5r8JLlqrYt&85UBvtuUMxv zc@UreyxX9~$)f6*juR~x1)1oLm9T-p~Kt^2DJ&sTilr1RW?sy;gn5YfelSevKS6oSMr7uROHgkpIdu?23twieE3J&BDCKg3(oB8J}w ziRVaj!CicrD)mouf`9=Bb#@KWOb>#bjS#xh+%TNv5-M_k5X-o2}YOU9Pw@R00h zU1a?ag;4!{y;`Ml1fTWWYL~xEYxW2|&zO_DosTGZU{;47QN%%bQev*IpFFiCI}sm- zFR`s#+&JEl;1gheAqdviESkhmU9^+H*wE1 z7LxV!#wSLXM4}AOX`OEG9!8zN$V2;F-d`=qa~CAodhKsON>q{b;&1PVrp(Q)1|g@v zf5jeQV`V>*vc#y|WR{{HDTg^9W#YyyhL*|a^zWPhJwB>A3p)IZ5%D4RFqgM%&fwsx zDKlVbku7J*ITc|p0Pq{ zs(Kg*EuL}oxPCR}dNplv97e{aX}d!{$vU5ioxUjcLNkofZ1oB2nUcow<6qIuL9J|L zG!Ne@Ryw2%B{m-R9~RT^j#1)iZnejFX0zI^Zd+xZNM^U0RYJJr84R0u`GJ`4IRd}1 zPmO#8Ra0ndZ})4w*n9O(IxPA<_QxZG)cWYayHt0qG z4!;UB;Qlodkvr?)dO|&-kW?h;_h_J<99NcF21Z8WM(U;zSE@x^%Hi#*P|Lg}!g7i2 z$v8Uo1`~a`gJ{1;!5*eVsfu4ABCJhcDAmQj+#0>eXHP8)euLYYeR@;7Hd(1kRrxaZ zZgW5D|6%HyqvQOdZ7^{f+g4-Sm^h7XHf(IRvF)UB(%81G#2JNa*86+b%=gW` z_u!th&)$|@L7~5nQ}Su3|INvPYz1qE;y+uFft|OX_OCq*)w_S;Ch>2yTaJ%629;Ih zsA6e@s4+q0PtgWTQr~{ulJ=2{9&rpPwUDWmEWUo`Kb|`0pNXi2UeV2vOy^46S_igFDyyadPxDrxA|GgU7eE}z9*YO6z$cHt&D zvYTRBm(c*%pQ>lkpE#95KF7>Sw5lSEm2qJpN8k?%NCoIdSjO>5kYWD_z9P|xgg?lT1Vg!s`!o3jE6`2#Zmipkb?MQ5 z3?y(G<2QRUQfzAIQ23T@ayq@+?N$Gra(aU{WadqGfb?9K z{q$_FS6bKyp&v*MuJb~mBRlwQApzPMS2pX!ugs09keZVB$cx)$tmf{LXuWj{2QV%H zMg(+<6Xzkh!h(>`;G|??VoEy!6^HBHrm~y%x@}Q_gb?y{Zn1q$e9={L$PO+p301dT ziiJ*G(X$m&DOSssT}LbHvZ~+c9lk}1ZSSFM0I_0hyon5!uHo%Ajww5@38Wv`Z*+&B zJh&M)7cpbJqvi_TT)0v{Y+aV!TuLXndO>@Hwx` zJXjQ1iU5jvuWi3cLIEoZ3JOC>OZLsvnAEh#jWx#${LS0RrnO7)YNOd+xG7R@&{RZ) zpGN1?2cZhn$m-tj+dZj>4~MbywGpPumFrT{?1Z?k*-oXuYmQfZX&eXoRvXQQ@3cNu zurv@{0sd&i8DO$ZY5+Uz03O(EkIyVOim%jCd3kxJASp3chw0qa3iYl_D%htG_So{T z(bv2$k0B{Q)Y;W)2gNfXq1U+ODo16H5=RO`tSoGf) z=N6&Iq1C{vz9A20%bS?%TCt2okqHX7`;egkuC`i1>?_8Jn`A z+cqJbliAjcARK`$8kiOCG=FV7Fpq|MtWUeMKj8DMAlo{Dr3rAp$DIeU2SB(@ z4 zTO^N$j&8DXDiq!wg>nTMP(WOe+!_RS7<8K_f$G2oNEB{ejRcAA03bk2D#;@%#mNu* zxb6C_!i~nv1{ga>A~)x&JuU?9yqFK|@26 z5jw?}$fX06xLQq1svXT={Fn?Xi)n~xX;gRn_Z_zbQLi0ySm(2OX~{?eD@i?7UHTlK zo3ISh+`bMqfGC+jqWA`#JJJi$2>GE%1ld+4?9uvVC0o^QB|7ZdV>e{s`_su76D1{O z;ay$lH-Ozwuo2miANnWg9^|o^4$*=!{dyz$=-q$m^x(lMV;MR0R+e9ag+VJ^Xt3F7 zuIb_7QF|7_bh3)#!ml9ie=v7dqc0g%Kvo3KISHQ8tlb~y{%3iGhugZM@|XXG_^$SC zVMj#>?AqtFnB&%#2wUxx(cpn=2#5&(-l2e(!h%$(EVw0B`X0nuf`*58LJzFhmk{y$3H9& zF~Qv=h2aYLraGfL6iB)m_KDn|wr4xNZ)T)=q0}SDlnhWc+gvMj+ugrycs;Ja@QM?r zkSSfFf>!miSQF+59ySt}PhGpo%A_?tF_8j%$C5nvK_l5KhZJM)feSL95oqe&V5D-<$#7jw4xc?Zr!`aa{9?ke4 z-M-9Kj9SK@-!{L3-Vp(Gm}jA=q}z@JVaGECbRcAupE9GPllA!ATBo*L3hs#l6a_z; zXIU;*+cZFEZvA5(ffA6Da6t#{zKfH7y@p*l*sah;o#nUVBO&k0j@ic-NmK_j0OR1` zD5#73hoCn;#X!AllWt}PJzRKQOc*_Ev4dxZsD%f@>9SJ?N4zh~D%J4q>bKZzn<6on zltjqo32Y{xo5Dr5kb(DhS&h#sXBaJ9!S*{5F0NIyg@uKzp<(VHWVP2S*k&jQ8IpD5 zbeGu5pTcuR@@5ZfEjPHXg+`=lsu0IAY$ZMwh@k3?6vC(G?A)9z+@Al(yV=>(b&`)n z3@t>sFrlQd{E~~iW4-l7M7IC}c6f2f`C*IgsX7m&ACMtj*hj>lu0XA%-ufE=1AI{o zba+lD(jJz+pn!nxg>o4z`OXEZq@b<7hXO6ey&07Y!9^r!>)f(^2)(i-4QF-+3g2~_ z%%gN$olF0-CS6?cqVif9U*FDqbpw#=>;46@*<;a!LOmBI0EnyVmkvQK203xTKDrgs zkq~Hi$frT_ld~I#2M5WWi(DXowZ;2yr?XmSvs+0a9+z$Hn|Ja#lA*!A9Qq z@2s|wK!7Mw5}tknjMM`VND|aX#z*7F!op^`X@JnkxW`}^>pO( zC^98l2xR^{rQ;tL)a3y%g$_sf*rK^0MLAZ-`I1vlf}eZODn$w%7tKUU0E~dv2v7)X z<>OjmlgPygKqZ%wX?r-IIGmqX)w(}#Dm=W4BHNOI<-Z?i+X3g8?WAu#B&tjL{m$}V z{ByzoceK5H>)pcrMf{5dybOR;SWNWv?1!_nvp)-zK~57M))_<@b0In%sfH8hvzW=V zAmyV5IwRO3phb_6OLSF1O=b6}{Rs_&PlC3yyYB>;r}ua^OA8rz1P!LZ$C7Qa!t&o8 znBvY)fA8HL5bp7*NU56S{8ebqJ zNc1a}^YRtPK)`dl^GYd5#UF(=s=TlQN9wTS8BM~o%5xO#1%(@Jb{x07OD}<-#d~2* z;Enc->ed)b8L_Tv*WJhIXz%#LUrY^J+))3Vt{nb%o4-~*C&oDqivPlBu>Xs2veEBL zi~!z)~)^bu2Y&_MGUJg1<`{w$@ARymPu%RLe&3?<;>KQbGdNg3UAQbG!#7^l7S)%ew zLF~OY%!qyo%M&nv*kM$>c-z{o=9v#a;Q;-;)BC%VEjw)R7rwtP4TX@ZK&-jNRl@4^ z#}@yM3$pLG=uYz|c8fgN9thbgRS1V5215-bVjfy-2KtmlOM-{W`7 zPf`g&gaxRz!S#3zt z#2m>`Mns4F5nfJC`E-t_X~5?L6xcGv%l~kCzfF%hVjKM#qnEyh4LeVabuN| zAKBlVYLr(i>m-E>S+GVA;!KJQJnBf!(g=S}VViA!m^f0hEbE#(v534LA#WxaYM)<2 zoHnTdRJdQel{?o@SNUCdp=}9LzLCSEpWYLLd~h=n$f+%wUB%AeAYol2=lwgKEN z4NKCtH{A!z+pO0Zm``Prh(SLxQc5(bl}7mR2!eM7#rJMX-I~jro)pB*(zZ7&=lJj) znD!Ov9dr^wM~Vhz$ZBgBm4EnVq-z{N*7i>PlC6zR&d z4Qcv$dInQa7i$)O5jk5Z42r}T0H$+&i3fr2Ydyw@q?_X-H|GtH7kCKn4H8Vg74MH# zaY;{QXPGY4vrrw;GchSn=ES7f@*xA!R;n+MXUAnz&?1d(*JTU8oZy4jkr|d-O6Hpb zW`Jj~KlVIT8Hs&Yn{FiqWdw2~(%p5<`?s*2ocpw@4gI&Te&ZkB1CLrtgPpo93XL|a zIx>6B4unC!QSHO61*@cC#kZ7{oi~dyQFht9MFUZI{hz`T7Z7jf!O(RaUn(wL;kbal`&@^e3T> zF3TdhEN)%KzWVX4lxV^g;OYW{*>#}R?AO}-{sDskttE|KP&}$m?wM_q(tzs^k|TkL zl0-cHD&%$jEsfi*guP!3Lrwe-b84_SnhLdqJHyXWOH9cY#SC`QR?z?|D;w~_TAf8$ zT%Pi-ai|tW2@+j>-)uyJX%+qsehPYaoI^g6r=oy*QR0KibP^$-ZBqVbj}&W_$K)my zP!5sn2v7|uC%_gcgH06k7dP7M%qJn4r?N3;PC!ON0Kr|Mt7Ct%?8~EKDWmZ#Dl(0X zOt6`T6|s$#n@c3!;EfdwdP*xlUI>uw4kBSH(%Y#@DP#%4+$7jeY7y={wshA{Kong3 z)~W_85+wHCM4*T-7+DaztM4}*YV?Sb$kR;W32}LHpT`Y5Taa#by)eYG_(Lew>F5my zCmj!EHgbY~`gm(ibH37uW^c~~5?4-S#{?&MrgS2M4v|%|(ozIEu!#vHph^?_9Eg^d$r8N1<4b2O{N8~?R8g4|u}O%8 zSg6#qhJ%Oi&)ma;z*lV(-~Ud z{@XgmP3v7khT9GgVt4(kvwydI+dZks+g;JUI3%SYH8e^st0DbeJGjL!YN2YsBa+Bzzich% zqMkwF!~+CROiTMBdAtTS2gt}JR=#lzIwj zwDGnJB7&bZkc%xQ)-wbW!zhq>Ll+$@CRZkpk;JRF1bZ;csEvR(npaWmV`B~1MPSQR zW$RI(@BKP7cwe*#=2y&SUPB4b9R#n11jn-n5ky~P3-mm3bH*BP9g$mXD^!Dg33J2{ zp04f0))~jsVp9EaG*f%blYg!CCaM;*MQ!`lct{mcj}#q+O=k%etB)DaWA9>Q!q6r5SYfJKH9d#>l{^)((jswIYMy;fPWcDSirk;1Sq*(L7kLumeK5;f59PfV z-4kOADVL*X+S5KFY3l>ETcg48wGqzF1pe9@>UMv4`+aX6S!4KHGfchpoHD#25~V`_ zMgCMLOIbehu#mJQK25CG12G3O^tqv{9=AOma9`Ym&}R%dMQ6L1HIo0U2|I6%%XZxw zLodGN^&*Wi>&oFCocSFfSfUDknJzfE_UD|XN?Hl#d_-`B0xk=#y#-DkZLNq_8Sn zxI-9ZZXKzTgyOd3!YUj-&9lFaJ07oPM*IU0VK9H4s6`yekBc@~KcYUFaKx$V&JlQ= z&5Cd*SG^I155bir3jCg>Pu5}^9L*ph*PSlYW~6ewpN0;f0b@&L)3o zr8MZfQ__s4a~P{gt_x@irYy1*ytxxbfbTRz4+0}>X3`(nQEqIf5tMQ0MZDp@$0=6x zWwBu&pn)_4Cjhu}tl@R1$v(bV!}_JvXD|}a)SCpENRW2bm9RgkSK0%u%n4b%inx~r zL15$4`Pi@<;jh^Xz^T)gk(^616`WOiq_oy|&WHD=a|ItKu zhp07pk`LDH(odK_U^Lr3Pd?fFJ{wOzUSPdR?biyj|J@cz44J%WNdDcP!~i(V4p8ti zf09XAiK*JuNf``xCOHvku!YjEp}!oF;$A)18B`y2Y5I4a^C97|aY7;nxAKk*(m)vUSWC5oY;8*%Um+jYvZ%2 zRfWCFG}dI@h;x5g<>wA3g8VMG*`-;d4}t$WM(q0@_$}cL5--^WJTj;t%JhXhQSC*6 z(|)B{_eyMeV1M(+IK{eZv8QuPY}dyzCBQq9dEDn%;}kLN-S6|A+~Z?J!W~7})B!Ha z(2GJ!l^H$3)&u6aGk32B(ICD93{Xe!Pi&+J7*qQ8k7;!85EBTv;hN0k)m~|`f^y=3 znDjoP){XS4?^YGw9BHf&jjY}1(D~Wl^T|$5j{l^tS8jj+X>^3ohbh927<~4iP(aiHGrBbwvC&i<{)>L=BX4J3HIJEK$V>7NKmEHtQO=}cE^Dzm@B@0j`aAe1eIcIZ;;cu)1b8jrl!BjGj@Gkrk% z5w8wogiNWUY;A7&&*CHQtk4xjHk%lf!2e zXO}A-d9#&?S>aWb^)LpE01NFQ-56Ladhg2ReGiHZaNlc& z9^b1CttV%BMzYv&zFh!$YGpS=^wT?dcRKtraa_lW*_Q|t&CKJ zAN#NclNDb~-ZfB5{*{f@Nb`p<1Mo?NCFs8RdfIoi$+=z#(may-jI_56j%gTFrCb_C z3&1L~6NBT_6~(Z9*C3O#p=Zzd=3_J(OEvsHOfzFl^OJ)Cv5Yj$7~=31Ycf#+7*lKV zNSbi>v{#B_f_9j<3`wVCC(S6(DBU~us}WZ@Q&(R4t0JTIN^?+Eez+6?5C=&2ajG%Z zD^5&$IB6iNB;NjZ+Yp1ovOfJJ=?j&>hftH>y8?mQfQV;o>V_05<3T)oL)d`U$qYsd zYi^Hr{SKpuQ+MbW^s_0rw2N?_S4nv*|d4u3$ExpuX^ zJ1@Im{@=)(J(Do#v?$O=u44E+SS2Sj+h_#Z+~Q*oCJKll)NuM8_bls4V^u3;5XxY| zex$Rxlrx8#LONm`;KTT?a+on_ZqgvwlY*!J+yYI6@1ZSy1_liq#{3>;DC51vE zueIpbJ^Jz~fO9HGsq3H7%@qG_u%p#2xk>0{)aKQqp<80{dEZl@*#5F|u-*gF>SqZS ziyqS46F&^PBN>@P7y^r4hik^jt5oesZh=L%Ce1m^2I#gzru-u75PEvrNE{f6a`lp}cQ zuhBIyW~m17-|x96-Ci3Sam_j0eiWAM)WrefMFr+t(Se_2@&i{~`+e&C5FM83=D(5Y z;Hc5ta)M@oXC*YV_2UG&4|P_F=717ZKS77s;Sf=gON<#L@vEO0%5Z~jM}s}iaz(!0 z2ar&6%q(Uouf44TvM=#)w@+d9PL0;GD}|qhYDd|p+nk=3INXg!G>g7;s;b*f%9RZ|GrB)Vi@q2vp}3$dO6mbZH#t;t0N# z8o|e1=FWR}{cz*CkBnf{Hb$qRM5sQ8{OAZK6lle3NH|eYnIB1{j3n}T>f~WYRp6w{ zCvBKvF<(S3;}dd!5qvT~5Iw$TvGPMAi0sYN8+30rU0q?Y9lo}o&bAi=6#19W5GVYi zBPY*kc_(qw@4W3vVP+ssI#{Z#bUJhhx~8H~H)#4%OqzgLVpPvpQ;^=Di(e*9K|@cm zq*{a{V*4cqFi1@0hlVVvmgB!^O1)>j=RJe?PMJ92(`^E)i_+>A#=N;6AvhhW(50N- z%D3YQEu{wymq&a|WRpK6zJL_~IFFNDVrz*!$+&195b}0NgVFG3NXefG+axvKvCE}}~A@ac)qkzhwoE``V*PVNRF6NopSS@MANp7hsX zq3-5<+3%)Xptn5RtPie`Q^IEzRTA%4v|?qVvd8qllF33D8vs9_v$m0l9ykT|&b<%=|R0o!k4JZZb`?*9WCJpYLnRxinbDrdw3EK6PsFlB>9 zn#jFY>e-N3A(5P^2zz}_DOvs%+7l(F5!ZE0w~cYF4oteEgG z&FY>Q_PRic_IFT=C7|rz8gp=ZN}|$8_!k&+H%gkUVAEOZQrC$Lrq;I^x4^Q|f1V*s z6tmZ<(QmmHb?=YTFp^8%G3hloht5R0V%a*lVWP=HZ(PN^LanBVmoUH8F;QryY$Lel z_mX7$0x!idV@-#(enkkut$EYbS))SvK$p5(=20allUX&$mp^ILETM0PA2uJk^{Ts? zNPb~#s^Wqho+f>dOn1L=mb3DDu#Klu;;GY^Dt|ezs*C!JEcPxahF>OQhr}| zb=1DwRdz<>>xq0;qB4*D;1iL3COJM?tLaz^v0dQop7(*XvIpuCd|Ps(D~5!*W931$ zHFp}C*HilhRtIjAw_atZNp6c}6X?{b`D{}~qqD^ihs$98$<=mwTr1_=xfBkIgut9A zvzfCUF&QDydOVYt(~4qh&>;HiJEC>IQ8E$kGd&gV-$n*%2I^Vp5Bbc&PVeCotcem0 zC}4l7J`E-Z5$0vUt8XC6%-LH4tN9%^=}|C;8l}C+Cn{B6zgzbdRN-O22M>=O9`&-Q zaw47LU@A$al&v^B^SQJLZivY>+Qs{sAQ7mQAUZ|#6}f|zl-S)g4HH_Xe)FfRA=ftZ zqF=MC=ivm~f(*m@*D}HbfB&T#6_x!BP$}jwqhd!?SU0+MSJk#g3bSOc&(L%n8?EsT z4wEmPm{2b@uaJ&1*7jy<#?F@O``pa#pNRXJ1`~V;EhNHdRuRdS7M`qXh2S{>&~K7$ib255l@F6J2$#sXTdART;YT zm)^P}Rc`Z!F(yaq($1v^Ck%Rs@y6VL6%4w6-Ld`Vqi+(q$^f9Kce{YKe1IwSQW4jR za}k8rv0;`&Y=Fp`>jl9Z@7G(V_PShq2$o_~N+B znBS4zw2U$?aD>GIhX^7wY8Ls1rg(BABuI(e`F~8F?LlG<@f>Ex*0DHdQ6vQDQFy2p zjNBb5_gtc>yk=(0flX!>tCEC}zsC#Ztse{4qOX!=hYN;Wk}y$B)+nHdMae{Ez?_%^ z1Tno|khp~TyzL|Q4qnM-<-B1IuZdM`wR&t2gI8N^iPsp?js0HjqFeRqi6nA2{*}Ww zw$-x zG=U+lPFE1{PELu~qKJ#qhzp3Kb%G}IkKnx)v$gDeLS@`hC%-6|R;P5x8eo!dff1k#C@Ht;+ezs2N%@L_CV(Z|v-LU}y&QeZ+u7FX zpb=F;!uS4r^y;;Rxrt~XIdmWo-zLQ_lvl*Wss_%ZKkAu$w@4b zIi^U!WABGSs$kmg?CA6G5BJ?vE?8puD32rZn)@D6#X5>F*^QZz5=Zv9spVgJU-;2v zi&Jf3c+An-^Q9ERVCEJ7T=AysNPqu=3w}{PhyP4a!6_XX{yRL4Q}&HxY=yom^T0^) zl1)in$2bJTjXV~sNR=2rVEETh_5@jXn&(6797F0<#MDguG{DOmG)RN*-5g)Rc=FYQ z1noKj=zB9jmw?hKG~X#jlnVKmSvlHd>ZHFvQMrzF^>l2BB-trcwgNna7;ebecP7T zVr&jy7U&u)b1=al|AAh-rn;g#gJB(JTC{5wnYu(z|1`x=t0pm9&G7=Ln#p)@eMBk^ zo6s2ZK=}jN?9z}8-|)KSQ}*lES7R<5$(SO;$MlFL;w9F)1~P5d4J7c=g(TW_Vh~%R+lZ3=#EH@F#a+8_cQH zU^9=06ZW2$>J6ydf3m@`zE78nDhvAFk(@!y4biX2MSg$^$KpAB!+J~6aR)MG+EpLc zwBs2gH@$Nas7Yhq5ux1!lN>Ne5@`(NPBIT~<{gnVhnf|lvvC$Vr^f|7VJfZS-Zd~Md6C&&m3u+xR$?gO$Jp0FXTlFYk=U2mNB4an@w_R4N^+y#Y$1!ha_zdm&3a1PMS+5Nsnk1x-P_cIQR0QwHGns>vuv@4Y&t~>c;K_?w693wJp&Y4${vd3iieqL zyZiXDvgtiDnY5XFFJg{uVi(TrusXU(#A}M`B0|nu85Z-j$MG3aMxdTX8o+-Xy2edpK#dH^Y9z7MB-_v6{r2jZHF!i=i&(?WeIMgu)mO!*(2K5tIH9B?VU)B{SMVw2<3!_N`KB59Y?=T4Lg z!du`UWk?U)de&%J;l*7jFMe!jm`1W|e4Z3io8BgOEbUw7d*D=GNYu%q;|-6Fu%Ip? z?ri&jz`_@yc*}obnJgfUOQ*1EiamFJ6KzO+u$iK;fP-BQx93Wy(SdTU185 z4qe<7Gk)l`Pmb4q0g%S*8VWbd9RO?Ug*jVl*dn~&u9EP>9(B5n|+TD(RRdv z?1Ni#MS#{h6AW@r|K+*YE$DIX|5}j*11`z%ldn17IovRIK2FveN@3wS4)vr95Y`-4 z2Kb_d)4m);yGiin!Zss8sFK%J4|4?J{l#DX!U`JsuTe4I-p=bkGVhX%GM(zo54{^F zKVvb%ZlF|icbR)0LN3$TZkRVf;@Uk0K(rrRSZ|+i11eOGTwK(O zoc?RdxNqlOLez7`k&SWnXx~ENQNwuER`o(N3)9-*u1es1DZIiQ#FnCX(s*nm-wsly z46(C;`S4XbU46~uZx@R~vCl`yboGU)J-N+4L-Q4i4L?1;5PXSR(lulxBEbNf6O3lZ=^RXMFpHP%nzs-|F9>iQirzo;dZb2{pl9{BG zA&u6uJ2vHagAWLsu=XWq-S>J&8Wd=A5HACyQS90{o_>+zuBM?Zx!!Qq0$iuK+FolL8%9a z6R7~oMEoOklpWLGj_vJDX3iLpH-*NYW^C7643c{QtzMr$o>nH}Y0-m6L;zmXF_Uz< zDL{(SVI>AykPh)&{1>#R2d^=+sf~Qc&knZzVj*v!@70{pa8ZR<6mR2G_AwQ34@b^r z5v9k*04Q8qV3v!-_~h2AB#`&HviPToq+?7%jN--EsCXpdUZMOf>JXt&@Qax|GvZwz$5GKM*JL%ifrx4bO8sC$_3l_GN%>G zBT3wbETlu(f%?=lz%GygKy!xN+!bAFv#_YkWl%9X`9CfIWd?eGxR|2lvT%XFCcKIK zB^;`R8C=Nm#l&qxsWUA=w$T@rz0$~|Y4vpI=T*5?8%$f}`?J6K_^N3Nwa^DEH{c>R zX)8+S$-clVEvqE&PSy9a1>TfNSuL+PF>An_9`R>a1 z_gC0D90&cW0bO?6D=)bzanZ593 zWw5$2AoSxY%M5wAFvvMEuo%ltAsooX50YT(5)>;C7{yc130*H!WA`Gu346Lq0hmH} z2V_&?LZ%_bXQxW6_yxT!iNi#qTh)N&QAv%WUJDkCc4qSzcx1IXp3Z_Ah9=>si^YGK zB~aYn-4Wq3-7W;_fA>s8)jAQKXoF!8(Q!n|5OU{++(8-bat5|f3L22=)M=MbqlWmJ z8jODZ6>56<7c&64BP!i_&%NFz1OW_g4`FJ}0_($+{=pf}kT(Yb7I3oA5OfCyXYQFl zq4Uta_65SK>8b9^?xt36tF*NDZwD>Gc#4&AE^hErbD-c6Q|spz9D3#*!T9o;&h8zY58>(@HP_|Rt_>rK%xK^Xwva?RJ zLm4v^+Tx;!57kr>Ns>-?9VcF0zH}iN&#_0?Exn41CQ}v?$1L$E7VjV=K0VjP&E1@~ z+z{3xs@T_*@~r%z1Gbi_n4(G}BB)cYt{-hrYkGn%ytoY+t2OK?GZBID~DqK@dS220TNzTmeP# z#P+q}sC^g%$0eSgZ#Y5;1Q2TDRb|9W;GxNA`spY{J3BiI>0q(Ninfjyi!-beHaFq( zMqhyD&GNcPZ!P*hr%nkl@o}RzA?DUE0W2doa41yir{$u?10@!cI8M*5>f1}&oWyscUfC1eb>=gyvA-3yfmo?;_`bsK14!$4$#grYC15emUA7&_-bxK$ z+akt~{!&1Wc9<}~%q~3iB@>?NGAn$kR!=YzB#D&e7AUV&Zx_94nXOiRVf+?c?zP8R zHdjRlagPUD#CuOq7l&w3e>wyERGs6gr->7JkZ#&p>_Q{N+mLdqfqC*6sRupnIDQNy|a=nySq*a%_q@I*%lADh-=C za?@U(A3l}Zc+wR5Px(UTPSjp~`^q4er zV&DE!>;17THCte%^4#S286}s>jN4-|sTJ(#CSa=CX}l`Okxx4z$k?Q2tur@Fxh z0wIEi6=Y zaBo!kofo>l9SGuPx0)@WeQ>ge5Yn`<)kHHgnB%oOXw5vcS+22-u-Rz;re3KT?Hy+( zV$P)!qYrA)LL`xIWlD98uFmF%`>&D+v!Xd&WD@Y!8w^Hf`L_o}WmV?YOc;xEW^^>1 zleO!i-kqJ%dmL79nJ#0?n)L`E?9U8kJEkj3csCDh{7S_Ev0oHN5(>fbkY=Rau~dfY z>7BFr5Myt6<=maDFQVK}>a_-zYji-)ok#Z}o1fO~QX5C~JBOXkAUrFKNgZw4y}$TK zbg%yddR@5rM{jP!#zyM4WRiToXBdoZ_raL`<@#FfcV9d#q1i~>n2%o=_W17hNePmD z18lcyNJirA9#MU-5G*UvNT?cZw9N=GX>Y$?L2LQ!kt&EwkjqjfsAFT>!v>8JW(wdl z@VVI}`E}l4J&aG5G_bUZiM2}|M{qk#8F7hzX7{ z2pTD_#AIkMj5-IEm_pjkd_+q5HgW#XpiOpa>fYV6DEP z80`X%JojcGN=e6~gr2q)_X9$RgLqn6REByw6s-wx}!vB2p% zLXe1Jh2B593MCw>-;St-Qe3yUqiy>uIqh=N;^KnOnX8N!@r2;u;9Pi(8m#pBsJDWB;Yl6`sq1^B3;a0ltc$%7YZ7Q;>vU;bUY^!o=fABt6I}&;*>!z zv1EWombhr+PeBH|?&b`zm=YhW)Z;VV=^vTJpev}0C@#hhZQ{yvv3(`sTWvo%yPj`& zc}C%|UeJ9?HphcluJEE5ADh$(43DT;=Sz=$N4kG4-2#|Bq&al&AsV>riSa-^*7-s_( zI~`Uob#>Okg*#GdxvW0V2ekd0_E`6Pak-il_8%o~`i@|QN(N%-PRbT|Rvvwr0vGC6WkDFEEPo)Dl3T*x~F%gx1x#>x{e&dKZBt_!9vO^(k4)N=g~5Qtw$G2Q#H&a{HS%t*f!I z^JI!apXAM}(1*khqkgzo(#O#A(T_05gY2R!j`(UZ@c2xuhjpgvLh zu7%&{sInY1 zpdbTEX=xAKL{g9~5+m=}pO1nbO_ygCDa&1~aoL?y0nnVTk}BH8WLwGqLhYEbUd*~EQC+K zbSD*PSHe4($w!{m=8BDsqR9{~;s1C@9wQLep3TrN)NSyBOkf&lMX)NPWvlP7ZMoRl z@zX6dHZ(N4OfXp_{}KZ{8TTv|lGX%(bMX)=SFi ztsnonG)cGSvU|wXL8Eod`SLzo8 zbWnEkCN~cbTW+pNHB}dKuY=CSq@=Ri!#0)c-B{m3h}sY|8NkKyvBA6LH3p$=ep=~B zaC69mv%zmV2D5=GH@9jX2Ff{%sU+{87>iQ9alJ=4AHubd=}CY7SdoW~V)$~iVdv=P zL34a^-C~4539BHakaMwH$S^BP=FGl*wRwLPO~}YOb@FPCGdnVs1cmrOs%z^sX(tW} z3SLL*y@_Gc`3P`1ADg1qa$E5LF{5#zMtI>alkpX}OEeD-xnj?_t?*n+buV5zUAIs; z-A^*@!KK^&7g2TL;V2nM|t>NQuqxUuk&5cAFA&h$*9 zj7>Y<@W0EdA&AE`K5k(%|HC)}xp^(EZ=*;Q$N=B}m?_hz2_0F8i1I%_&h4I_!l7CC zum9s#X;gj}QE{HeYu-=x9r6G2VtmFSV$i28Zm7I)SH6G(=l!&~aE694m|iRxT~j9q zGP4Mr#gfRVFsvV?)C&t&`z#E@!m)f70WOxUuI|n@stc*l4m>O@TAj~_o}BL2v=0SkHCSlIqx~qeo!(Z;fxtHf;KLa|HMh%!c<+<)W7(!aKzneAk>TF{ZUGIm z>mmfi2E@7$!ZU_wH}5CvBe*Hga{>bZ;eeqQ7T8K)1qG`CcS(^aY$N3<6*CauzWrs8 zaW=H&GRgq*VPk73xK^`BsgxtxupwEH{V*Mm7t(e;kaB3)AU(cCG6y0E+MTbJ-$ypN zfe-a=r`=%f<`R%$&*kS)hEgPmK|y^_bg|J2XK0MACq$CXO%)IU#p^TKeqYuZ9LE~5 zx%;wDmfam|;{t6P>3&1KWO~Qe{Em@11)_isUlp5Q-FGVi2!?p_I}yCM`DUh(KhDbW zZnUocS?hxWNJTVqZr8I^Eum4{@k@-kj?Sc_-uZ8JzFaN?Vc0fY4;ru6z$|Vm1pUQ zRI9T|s+yr|m&)P%T#mYlhD~;=_q_ zoIfXFt+vWT+1}zNb156_uL9_JD$S2jB(<)+%?8ZXzEetM3BX+^rzo$tb4W?)DaQOk zMH`2JSDdF&5P8eEci8~3Y%!TSB2Y=ZSM*xK0TVIVZvNlY9S z+(^km%0iisu+zikl9qJlr_ubt*5P5r3mME^G%g!7_f|ct;$6|7sj=(iE$JhvQy@SM2Y zX6C-v`u^NCLsrQOQg=Cm7pAr-aq((2<|^ZUNOZQ+L`u6CBQe12WM44^jLC0%`D(7# zaso3yZKOoMw9Mjd(Rry!k}Ewellp17!E`lg23os@imlO}^Ior1#@=4d_^9$rLUMAn z4W`Y<>F-r#h~Q+ASP{Ra8b%C76feoA6*wP@MkDybZf=1gR&F4E!JJ=Tx$9A7AnImi zLr@UwcjrR`YY_dHDL=24U4wtEVL@+}ocb%7#ztWe&g&0l)HFk7VOD04SN3?5PN-A2 z;cF%CrWm+2_Nvg~Ivat%R7`}2*~Yt z(01txy&x@(kuPMSY@*+z_Rd~D3oNdQ!e^TvUqPJT`lAt74{t+{zZyES4c=iq@r-}S z4f3m{Z>eOc{w8WQICRC>-hzI3r^F6x{J3puswprLJLVlOwx|2#;D6$wvO%#aNR33auwF}5Q6dNt$AV>;x%?b?2k&u=UXh)_RbqrqoBi=%5pL>OeQ1=EWnSL*uhL^edU9r5H4-*p%42`7uf~+pJMyuhc5i2^oOg?0H zJ+E<$vH}C=D}LKyZNQGf@t5%a6gB|=Tc%;dRAWawZ-M6!G(^qgSoja7gcwSPd;W5j zYLR+d(yLUo1Ay0d1Z-ph@5G#fW%%(znT3M!+>CF`iWpe9H_!OIa;d(VJgFT9^Yw1gMEiBIT>@7fR zgLiQ>_n|NsM2fgf(MBEZFwVO|xL_M}>!#-Je$2HPEo~@0%F!-z0=~sJe~m#cCyh#j zpS<32Tu_hcy?dFq+I}bFycXPwH@=)MWqy;=H-&`9r}lLill_dEsKNgUTkDK z_XIpK5)Z6-w+MvmOCqg=et&$YUqwgIV#iY}v$%&RH^j%iZ5MQ|8p>7HE{CV8;#*u@ zE_q3Qxy6~!w1}M2e|9d5^qFDeXKEOLli+J65Kq zn42q@Zl!j&N3~jc6V9%(xHRz!?h(_WvIT8lftSzpx)Oq#!u|Z4HsJig^j`j})1p_K$wse=5Sn4G{c;^=+FX zmiGbo7n4c;csk!?8f}I?{Kr#UD%qh|=IhW@4s(AX#N67DbPPdk3KE|#OoGPYrQ||! z647sBCE7LiFm`|>kMCXLP=WkqC1axLH~zscx+k!Fvh`wPU>Im&7gFjbkkbBM!*jpQ zBTQZ5!4}ZMb+XU-^taBI?Ah9yQ^~jDTmB|aTA=QT9;^Ur*ZV0pr!SEXOA$U;T%8gFtYgOx5X!%=MhNIu1? zbQMgGX(mM(sc`>ae( zM@9N>Tl;_Ay0aD1P)~p7Z0)u#*hDh%e=|@K0_Z7plQ$UMAO6ZY5E8-sORSJ=iGT{f z!J;2wrF_8e?c3j*Qp+I9NHn7#{s#)>Qe)tyx4P2u{K!l0?z^w<31v%=UXOQ^h@^7| zGmkX-XEN|s@c(u0cRNG7b)Ru!zN^3;$;P8mObJ{;2d5tf4qO8yhP2U;<6!D;_F;rg zma+p;p#hwT#)+lar1gRNgKbb--d6?uQm_(mDmABY6D}t8F%Z_Te+93nz3aC335}pn z(&E2FQ{V3$5hk#nc?sv#&;0w!4c5R4Q6j&5I3NuJZEa48Hi+1>rSNpKwZ-HQqw1+m zFIjKdR&TMO^n8Ct4YboTfGkA9ofyfh{woeX$NzpnSL|W)8(NnQ7W+%oqU|b`ZD$*N zGh*rxVXM|fHjBpl)u?zu(4&}9uEPq>;TZUv=Wx!)bK{x+>KaTbaro3DQ=ow^FG}<@)fGD4u+1k=x-cC zUavS3O4c#j5u-^_`2fyNPEikeNdJB(ima)WAoF~0As+STWF8CDUj0(7bGjq}2-J$L zX7Nh$B0*6?;>1BD;pZ&V>qXBozf-eXq!ZG-5<+br+{4qu;pFrPpCmR3w#5Dzh?vfB zuL_t>rylhhOEfQnA55{r`zsU|@l|R~Ny%m3cbekq6Niw7E+LUTvU(2~e0`UA`j?wL zCSGrmHxM{8e6!)9Td`3!R97kji?);@w2?uGpPs{F^?*AT?Cly93THi@#n5&2OFKe7 zXr=xa>(?Fq_vR)3r@=?v27e7!I1y&(rCEq)P|V&KL2*(dIeg+#j<)siuoVYn)0-uf zCowWy0kzY7Z1j3Bk(7|$p{UVK8e1Q7@!Ulw z{hi|>tl{dO4rH0?-y-0pjT%KdAU-?Q+MPck9!6<}!rM2Qq{KudG?)LRV2H`#u!7D; zlG&hDE=}X{SXi~0Ema8{&t_894N)>55-vSsa0eu|{0PQlbMVs^40xzJqQ^Or`Dm}y zSy932GMp>XH-kCTi~%>YTl`#aPJRdg=RcTH}rwb< zHpe0Hn*vm9P5s$E13nalzwxf_&+z@tCdnWPw>K2;3D5KC8uMQ)j^#2U3O|Zs&SlWq zRK%&<82BFiZqGNqjy~DXAxS6y47$A5Oc2W;`6;LNf^-zxLfNI;F#yr`>Aw%5g?zqD z&Qmno7WWzi1w!*0;h|64Wn_RuS~-d$TR;+y9{$VV2{Ct|zH68N2@5MMP=j7de5ip1AuEBvEK_3Y^%bQ{@&$ zKq!&F|7w0fQ&O#k#M)fjzDx!(gIGdo(A+z185bP>?P0gHV_muobL7#CL59cI&g6!! z15LQUl_nB$KK`PtwA@MviBWH zl9nYNy-@oaplcst-_%)sOJ8>>Vn$=$_ibO2XkXGdfoKNOn1>t!!*{zf2^4SO@BAky_pw_- zF@0JNiCyL0qt(*LE}nl~yzmBpVh_%dC0a395v`4t-T4@q2IRgaX+yGK30ke@#~=2D z?q`+c&Cb@vX?KBDLT8J8EkrUhUV=XM=OmsP7XaQxM>rGy`#ytdX)j;gH)39gqAk*H zkY0#0>W5c43Cci1UK~QrT?Nu!5I-{85?pjU1(`BLsRj=5Wp*29yo7ZBh~EcY#JH&a;R@FM^zDF*e9=8*za0jRU;$XB z9w5r~iZ6L4VO_nhRaEA6;0*H49R95_f*hHWsBXMWeb|9|gdA@*61xTI-0V=W5Os~~ z!=i&#pmgqRpE4y-5BSZsl`;2luAmG-jCFwjc^mKdiZ2VaNbdn~Pg*LGVqspMPfw+? zO%xjV#}|lAcJs2(KR*I%4*5}@KVcB~@(l|jT|kohI8a=P316}0R^#m@0cp%Yf_bo; zB7Nm1ZY(Y+pIrioA>MaA`ja@$7k;p{=qz?mbF!l2Ys!Nz%J@8jU6rODF(xp(;GsYV zpGWOR>0UIULBCm6=8SV*KMAh38FOYHo-rNa&lYS@LM0B+Nv~?nwDR{Vk7+-c@aQko zV`*d$>O_pAq^2_7#rr0P(=*tuQBZ_d+D|>9dj17#G2gkYzzgzQZr!?{Z7}I1zYzjX zID9XR(dI?<#u&Ob^(W)qQj%+HlJVz2*_TN4iS<9MYGRJdJ_9Er1-{h54Z5l)-4pT< z!~NEsp?w=rvx>hsYPKII{K9ffiZsqfehAUlzsZ`&24SC1_$?8LCFEUhK@6___Qt;A zN(oEeYd=_Iz2K@fuIf$CSOeHDbFq$kY*XAD55IBTi%t!%xeRHN zWcs8VpM_FAy9)Ak#*MC|MJkvJM`_H7)e6=bBorNUf9rGxX4yl-kBU=gje1Lr#l{(# z<|3-llt!frDtUrJWEJ#L7i)tv{R3pKW&iZ)Bl-IB3z?znCH6C0dJ1$&jQHVLO3(k4 zHyUj^_$Qw%t7bAZUCk?5e<@xtR94*g?)lwgi-WP7CoN9d%~p(93j<>o!IbRoUdVoUoo?Ecno}X7Dk`OHFOo z%gu0+MiCa%Bv!9nKmNsWY_#d8D_V7m#)y|{+()XZbmSX~@K>_@TQg#Ir0=D@_0PXt z_NaFUkECkANk^a9g^KBW3&#~!%s}XstUEuo^)-<3JRCbDZ1YdXcY1F79r!%lzJeB& zLy9KCQkwM>yvyTQGEq6bhfapC<93YAbjNI-_U0M87s^ob$3Fkghx!kkRHQR;!2%N^ z)E{5if?*FXkIVw%b=~gyj8qTk`FI74u@}aiSb#4-eh1uN&TX6x$*7#pF{qBXKU$~6 zXI_tH&-s^;A}Dm6g+8sgJ~r(#ylC;swrIF31OX@W}=Kp8&LQzk+}(z@f(3Tv_DnBNP&j z((qSvxTI8pVpV>xLq3RMT4uNtG7$mCP`LDoG}6nZkNc>r@NrSbp+Y)Oj58x3E|8bH)516EgCUUqE}?!uKR}Yn z{|Og2vLpN);1zZyuMK6GnW`4n9$+S`%v!?}tt`sQG{<9!@&(oTd6wxYk9f*Fa1U01 zKs-T_uwHg+ZqhtfvQV;|ABt0_%cALO1{XH5u_+a5em(EH$877HD2QqKHBXGaZ=K0( ze~7Vwr6~8ULqK$Him-)*O08AHp!fa-YcgSCS%(rbKch3KP@i7CJe1<5=OQN^@5q*# zmR3E)(3Sj&;@>^!|_z2ZYza-q4D5 zUq%#88s{T3jT8~1CFDW`wwoO7r+N8PF-|=TI-fz`(8@N#_eum~Ghpryt(pWoC+xG? zZYuly8-Fvc0nTW`Io?(BhK`$2$H@k~&X{UJ&_3d_Y`_%fDC3cG)u*JGvtW7ip`p=8 zhL@15`+NTu88SaBQ=60h$(vqxE{P@Udvhoge}CR9Ls))w<%_T`-VBo@n2?`A_bRu3 zP)6ivj&ynR_XhedMzW9-^V?$dsxUxyj`igjrdOPWRE5$f)G{tu@mP1eIp(NXV)bR< z%GcPt#)QCi;de{+hgsgPbV3J4KQ=428j&dc$%81+m3Wl`vwW)_=6d^Uf+4y=CWV;w z90`_nB1B&vIBBoV$J#zy|0lVUX}@9jL#{+B6w)z6V(spGq=8Or_MTb22aYoDi@if- zT7Om-+T`y(SRzvEb&~ilgqPk<_48T{am-1K%eDv`O`GX<{1Av6)AmKdHnpEc>NU#u zAK4L0f6YX@7m%wH`LrueSM@}5?~y6}O01Dd(ikYn;9!Vv=4X6q2z;Eh6?j^54NwjM zqdII6c2RIqiVp%(=8JW+DQUWnGXwUh+zBX1XB}h1n~Hr zaWi3Lq+$!SF(sgxysf~n9;G9%YLS_qyp_=N&lV(B_0n?~gGOawv}j?+TaDUS%1Ru*2f=+p5j>}VQQZ9>-zItK?w0=>Hqi8bzju`r3f z5%<_j2#PAdYxWdXITqa?pp%8p>q(OJ$7zkD2xs^b!z`UEiE9b3x1}4$kXuLcXzJuv z?VVxo$!5r;?xz`&Zp#|19un+cND<%%7A$@`6e>TrSkyAv&TsGq{emjJ+ZJbu+ij>u z9F@ft8i@IT{MJL%UW6e*E91^)DAK3vHeI!{%LygB%T4ZUcbmC@nAlP3L_hBF+c0}% zrkLL(?#61xi_G5g=H}JWm0Tfpe>zIn+QA__q(G1j-QVLgaj^$eG*{TFke_i`un?Eb;ZIYO52as}J%j-)GZ&6?EtlAO{?`KA5Oi=4|z*`ki z62iXjHrZF^@Al*tRwVzW1ro2uGcTnzNFY3%>rN@VpI|&C zGPITqygxoa-jej==C-`N4*|$fr2eO=VC<;_d$zSGCkP1v;`eQ$STygIx3^_6JR5J} z|8}wc1owx`ZXAfur=a^Sz>Ee5q(ECEJM2@2y58HnBz~W0FR-w(y}GZXi&&~=#4&V- zJ6|ZOLgr?$jgRUVk_;OK_jyV{NHh~vjYs#Fsg3hP{@z6-Z-IA0`g;RMDlvsmNhF~J zVlQS3Q5j7V-3ZBKWJZN5;agT!GG^*U8R46exDrZZ$ zBG5VJ@)6w%>f}?jPOtV)rcdYr%7Z*L5{128r?c_a;oK<**Xool*aJ#nD!~z?Z>{ZK zxM5ZN&_5y%pHlQ~GCS;<@QsItl&HHH?C^X)jYqO0je^OOrJ!#c?ATlF z#}$>Liw)b~u7&`xpAM)GXj?^NGYeD+8LGyvTU#DTZiLmFG>#*RZ=@m$-KGP%dN zv5KSzxtD1P$bvadvn|=3=B&jNdm$6KJ2?>>w0lqyI%b+`3yi<+ru~N@ga=Te)rheY z0P#N1!Ephs1^8N7)VR7aspDlP`&X*}s6rYpp}hv#I}-d_&7aFY$hcbs*l8u>>e@z! z_s(OUnUhKpq<6`#v@gz83%07L0B$5wUD`xNO(qg4XqOvSc2{Bi>2yO~(#brJ82?FF zJoFjOUE^kH^T}k6;~{wF5_R#30|vXs*zYy&WNTeD1e=V@ynW8oKs8n ze7RP}o};N&e`RsCdSlm@0IXD7r7MnBUWWV!NpXmW7*{k|M4`r#0e5KajyMXlCNl}e zY$JmF(o-rO%t?WBi|NcG+k8N z!3|!GDkmd?HDKH(`RI^h4@|Hmf0EZ?8Dpeyt6jaQO&&_kwzOwlr&g$k`ly1e&o#6; zvaCDLZQ^GZdvnBzAwZL>MZ!u*^r4a&#-jI6*OdB`V+NE!>@4p$lC$#0EER^K{?{0@ zCKIl*aECjkaGo~&nUybJP~8f-*XDL!YWqm;{;{u8ZoYdeqv^k3 zAKHe)#$1`*k8*M#?`mq7641jF>5MX z&nbV%o5aWE$|$;`XXB4?MYktG%gpOZgDScuGl=Sw8FW{>g9T=?0iSklj55mPcz%Mq zcj~I?6#j&F6D%atUvwyC#hYY^bMrZvdX!g+?#a~t$`mwx;ejkiXI~=x@EvU(xP{5l zj-IID!o-A}Dz$sI5UR>*0lbPBfOSqvaLKKkx~lJbH{6+1xzi!cui5Ogo`zwp*2+Ha z*LOE@oqM3vP??Mt==)?XE5WtCHtlCmT$R8p9~HW_7%U8QX=)$BJGSMs!Mvrq2){iP z1+>OJrUe`fa5P#pggKfUc2!#C7A^$ngh&czGQv*%d#4aSU6i)~;GILZq8g6Cz^!1e zjK~)GEMxarG4lwPBk*3mb!D%`aKl|=AR$P!b_47~YD%rWv(o2qk_m>wG42spWHJU` zspR?#A}LlwvNXl)L4Qoyf!EgcO@#645B!=k$D|(cP_i@j`wyV&1{}?!{1o z+MNx!+Ka3-Y8XR;!!rmMaqRHdxO+ZVXABy(V=S0m6_HjJ*tPfUrso_4Juyg`uU}tA z`^9_XtI?43xAd4gV}pr&Z!?T%AL8NG(rox#y|5{$u3Bm@DsGnD$&p?R^**%fPE0*B z$HswagCo*qo%7ETozx(B$_Aa}+h2BQ$Xfw|By1vJGDoQQ4;4{<`+YmU?+m0Sy?r|& zc+B6rskMPcylaw&ulaEE-}KIE0Rb?81v8;A+Gpqd^~f%i8?8V$)lNVtXn}`hgH?D=F}mZ(suJ z9x~j}+|RfAwLIiu<45F|C4e{Os%<*N=?91$pK!IC>66F?AEOC6P9X$LbrgV%Os%d0 zGD)_eExSIa6U8Z z7gO~*17yiQRrL5GU6IJ5*>JN8_Gx%Zd@{);j5@W`>zruc5HeS0^BoPgmCml5@(gD} z;}u(f<4~uP_K11I~m>ZF#=)8!YfeC=33t!S)l(Jj6(TDtC$FpRkYjj z2($Y*3CdlFNKuCcM|B4R`VlN zhC`8@OXoTMbgRi$2C4p&Pq2Y6FC{ZOI@}3A*bb$-AnZIn2Rv5}}uv>68Cf0BUGDa)YS-@e354|4T z&zXq9P@uqf;cG?ML?)J~{SG^8H!}(U9Kkn;AkH%gdJ+HB)gqgtD7TBPD7Wp@z9yu= z@s)gpB(Y$gL@5_&hrDKiTjZmEIQPHw_}^{Y#)*{u*y13VJ_C} zW86?X2e1&_p@CtI1N&DlW z=BF4v<4YH{+5LncH~XdHAJiJ6E=^rIoRr;Yh4#Fpsb5&bUv$!Z*o8=kC5V}kd-&e? z)rL!Rv{R_XT_U2ID`Y%M!-A4sH)&3ddopkrcK4Y%5n5{#Gkp}f_k3~kK}WF~cesu? ztBq&C-DKdE-Ox{+FYir zBd=uR?SaiI#_WZHt$Nmpzd!bOPl&MinaUo zJakL>54hBm;1jlK=@H74)e;f@q^sD&592w%!dJPH-`)zbS*X6kxUAP6n^uY}Ajk#4vD4rl5(M60 ziot5FX7`k#Pr7u2o-KXl2u#@7s8jvD2XX?2nz zz5<+fqN1-0G|Mbw3;2ZOCi3X>K<8|}K!9jKq>^~IsW+l?+cpqn4aez~n1*+O@b*YN z^7T@_5);3afBGo&1otKQxeYk6`viHv`C=$FjA3{ky3=m%O%ajuYe+q}ycc?%w#Wj2 z3j6?K@|BY%;#d;@Lpd;(!V)goP&N;Pe;n+AILL6c)S*@}Cs^C$Hv=4Q)@Boqslb+# z(+1sGKLO1~{fu8B_|9s-jQ5udlAk?VW`94r!i*WqS!HNmzBiy}`j$OzeL1D0RdG3R ztB=vggbvq9hB7&XJFsk#jVDNFunukm>p^c?_vRO z70zeL7VqSJT!gssU@$?VegI}#8EX*$3hFe&s0#(B@ms74cGz1a6)FAbBE^ z!*W+@a~F`uezv*cz3vDj3u#(Qk;5kbWBdv<4uVnH>>nnbc zQ!yY%UOkV`$26I|ta2uauaeRQ?@MPx`t#A41uk2aaRO1iXYntYuuHV5Q3G@r%58+= zG1_{`haLA?+fh}{>hEr)G*dr_R^Gv7y)n*yfQ=dF0%(f%((agM-U7bp5I)2U7@_9+ zS<5{0xF(YMN&HRdG8x@U$w5CzvjhuAJ(`O_TOf=H7Mx>QU;Ax7sugy2OXp~L>k~Al0CT9eCS8p>eSFo zm;?s)jjpa4JzE-4aJ6++FMnIItPU&yG!?;fPGrGUA5;rUW?SS7%XPytvvxGx1H*?D zzDQ0vzbR&m#em&}`w++okGq;2X0<`T|3MW-?FvS>v}%>sNT`_8D0S=4vNAdNE!A?QwA z#1U7pXh3S|73R?w?x|^q0F}t!1KCfsX3yf6Qt=;pR4XD8V@4~ud#JkX0uyq{C1TEm zlm*rVvOo<*jdb*!Yz;FJPu`!gAH=XtkGHfI3uL^1UJkZU9_B^C9vZ8GDju;^3Y*j< zcNvrkgqpvf#rdHFsLylgC=e&uF7p=Mi_z+0AkwixcFokK&%I?R7OY%9tpCE>zEh)@ z4iyFam~zIoCSpOZgQYhcHR={GdWJx2?l8l<9@7G}E<+oUK`pHRe=KMpKRJ+n@s~5Go_U1hEd%p`(JPU$K8z8k4@C7kMPUu`y1a_sz$+rXo@m&ZT>)_QH?OMi zNil!!yNgQv?YES&@V^UH>L2Xt5`GYd!hV9RH9MoalHIakfMR9u8pJbhTItO#vXK*9 zY`R~ee}6!DXWH9HOD@$5%3i^tsg^iRjJQ27&@KF_|Dig*K{|5sWmO?0!lEpSZ95ousKRTscta&IK7M_Rld>NoAh5sSIUf}wq zVe_kb_l~j$Z_F-8WtsR${CdqY&kL=M1B2<00U6}8T2XwXR?@r%gdy` z=YkbG@cpDoP?m$+8c}k0H{qg>^}y)9@5o;eF@`%Bs90&{X>&TX90BZ62DOl?PRBW< zydT-N5SGj2RUG??e}x0S1qqDX7$u&ia9(3!+`YKsrBob1nT$nPVkENF`W_i1qK;Ks zS(r7{Ss6FTu9_$L{4Vrx_zNonoi0cyrcTa<9Fqfq>Ido|U>%59V}aZ~Yn`S!W@D5p zI>$45yafh^2qh^ZsN6XEuETYtI)%-?@5ysju6ZLl%Hsr*Nc^AUmWfKa^h7VC|n6A{5s#-CM@=@CjR98uDjCQEOoEE zC?&g~=r507C_-mNt3)MeZDf+696dfU3tT*xcaezQX@Ol$_N-gEDtjTt`A!$b!RiaP z^CB`hvCWB$YQ76WNtE%3aCk64=ugUZcQPy;&ob1I#Ou2#F;M$Osiju)-lifsu$5VS zLNFD&*9q^MmxLE-6${fUMqDSMBG<8$-u16$2l;#D#bXpS2};4sG+tt5fu(1~S!Hp2 z)@YqaQH12$div;{rv7qGom1D6JhyV~s z!E*T2M;x5ExT^wnT9HOlc(p7|ax`ZVPgW*381s-%)tMLlsha%GOEe1XGJ*YVp0yGQ%$b)R)v&;%9%zUJu z331s{4^J3G3>tV5wF}Q{hjZ*47|sjp;VP~tG7motD<7zp!7eB~aG1|2!V4ZIrX^Kt z%r(2~Q(l8d#Gy`)TEm0%LhkPd(k|GSu3>wm{z2r^?L|o$s|#z^I6=luWVaN|IDxJj z`gt>GFGT+RWCGy7njd0FV>!WP!ShOV<6sLpQ!wTBH?5W%idLPS@l+HMPRZ<#DJV{_ zlVxQ@m3YW5j^arv{LMk;FN$3Dejy(^|F4tIPdU@X)J^>6Kh*=u*JlX^?71~_?O&6Hy~i} z`Eco==~WI>_Yp)caH=S@#fO;v`MM;C#2~6+Y2iML0D1feF<*X95|+~M^xObI|4kMHQ1lu{6CjpB-mFVKMYU+@P989kf=mK zW8s2e<^L_GAaKp{zls2nQ9z>*W>>@X-y)#Z1CamA|E&e|%l~ghcfe}z7Z>;Af>h&; zR_D7j|Ip8e7BEEBC%Nixx5ZaTaY257x?l2>Y z)v~se*5Y_Hdfv1}PmyUC;K{$q^ZKu^*7;PmGMqS+(fw(GRPyZBImhodAqj5hwp(pK?KeZ$n3or?!^ba;~A3a zKcaBhY?eu9TU~l7^g1UO_kU;du8)gy($A6jUln+kA~u`t^U5{q2Ju4oDz5vG_|r-Z zWw7?HMksRBRdlOB(Z(ro4DAZDv$MvBkAqo1s+j+YLqyT5DV`bkbwqG7$(zklCv<9q4TkK19a{;jmc7_&aNGY@mLC7 zfK8dcCGNqx<5Yu7@Ea@>hsUk?N{vyd*X@kBlB(*VGi`ZRB87ZP-4x%NjOXQA)0B*( zCmU>ajr9t1%fqJUL4q_r(~s+AL}el`+qQFdjZUu?H8$Gps*d|~Pr}N#njwNjX@(Bv z%9cYM_m8&+leg!)L%iztUa5#1-hbU+25Td}5VtZl@cX>FwOo(V9Dv?TN@*#zYfd7$ zEa)^yAC1npd##qU+Oho*+@Eo)tD3I7Tc2_-!1`%U63Jgc`tu*@beFHMq?A+wC|tem zwDbMh>Si;Y?;brh$M?O(g5Pdi!1cv$t9$D@!?rUXG@6Q#NCaoD-}>tin=46~n%^^uD)T(p=SI1gJ0DIZ4kM}k;jKXa?ez~w^V&RZ9i`&~E4TI<<8Yonn+v2X6l%FZaZI%+ylEza<30FY;n4VP)NnnZgT7g zu>m^`pou9k5q)=AnDG-e3gr*--uulI|H1E20_GP0f%1@C*!VysR)zq-wAeS9Y&c@+arOG(Mt8O{H8n~2BbHht+PVnwR?8~{fj_xkGf!*@YN4U{M#bYoF) zE0CI+I={VrJ*q}H6tR$tg=J2L!4vZKkpRmQcTeOWVqqrJM$~Mh&6+~!H$HQ}l7|MX zrSu_5iY((8|8EVj5TpT#L~f_td}R#((YgYZfXxp;sO1RPr}8MK00(WP98Trf(ppz1 z^-zZch{OHTL?ba_W_NQ1D4#GzjGJt?HeH)MJ@<#>#q{|ew*wuPbXp-pm9W2VCl5%i$x1^U^lP)*h)U6pdTcyW;gA+}mu4?b|$kz+-7^Ny2PL$`vwj15x zBJ`qBWOTmJ;tBMdc6D)Sv_<>*sn`YPKcyR=iW>-$ZnEhLt?!8;P<-CQTVa5!Aj2nW zA?;qkN~^Qg@l0N5N#yNu=gS4lj{}L*FI&3vE%`w)wIOD0 z7;2W(tQJUwJM4>Hs?SBxBl@qa{p0;5T7S^VsX8-B703xeS00%?P+RD6vFG{uPQuv0 z8DBsuh4IIj#8KdOteUR-05qA^YNORsr70{HpHDUFpDeTIY>9scnz(cG8X6kp zO73?j3x{@(5G2&Ns!}o#P==hKXoXSU)U-Cxrz!4Spc=g)M&JB)uYdd%=9v>D3Htk6P08tbl25xtZktim4(Z^@0h_8@4n= z=(|p9|2Rw>tjp#@IULYvcfn%ZYwdBmr0O_wY(7rmbzDo187 zF|rj8o{4unlX)zZ_~w@M*=Hl&g|eQr9_9U@OOew_nLg#f@F?skytU7E-E==(@ATG! zDrRJ{VG|fwJ@8qW=atjh87wIYlflgrayg-9lEZM3Lx5#|QLb)X+tXxbW*+xJu(Y?- zBrK9!;$En=T>Y!uP?w+IKfmWOPcc_Avv;xQ{3Kd8RXV54Qz-WXnbY|W|G~ak?L)HY zaGLe*MEc}xxhAiTurr(x@Y+P-bMaLil@~xao%}A`F9eXy1`DA1r*FXns4gV_P7KiS zf};&i>%5DuytlzJ$6XWyZM1IXoB4~P9rd~^PW$Et4BJ8E1xa}Zb~0jIwB`SCMx3&6 zRmY3JfSS9l{<)j3cL?)>hpbYlB=vm|p$f87@eY zDNC#K8*kB$1GHletiK%48Z_rftB_p$0l@(nVFC^0kmVufx9BmddHUKF9{-~;SYg~g zv|~-D&LaN<^+0G3bmdBZ?z1E`C1Z*H7pB#ag77VODAVHh$u z0RB%nzSccnD8#p5{Lt^g!k-HQ5SHNp$m}KBHAQ_P|Igo_$ijb+tefg=@L;O$zu-@x z7c>!MnzaVO|JS{}&kkw7^Kkzc{{itpjR&=v;4%L99xJ{72b2QpwCwAU1sxdZM^aQy Kq*6#f;Qs-o%MjrJ From bdc5decd263b9895f2f0aeadd77c0f340f3e4dd4 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 17 Dec 2024 11:47:18 +0200 Subject: [PATCH 56/63] Update storage-class-configurations.md Removed the note about unique fs names across multiple clusters because it is irrelevant to the architecture. --- docs/storage-class-configurations.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 287b9435d..67e9e0f98 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -129,8 +129,6 @@ Kubernetes storage integration with WEKA: WekaFS and NFS transport modes #### Prerequisites For NFS transport, the WEKA cluster must support NFS. Refer to the documentation at [Additional protocol containers](https://docs.weka.io/additional-protocols/additional-protocols-overview). ->**Note**: ->Filesystem names used for k8s (defined in the storage classes) must be unique across all clusters. #### Procedure From d683feac960673c07336a4f8526c755c9df8ff29 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Tue, 17 Dec 2024 11:53:49 +0200 Subject: [PATCH 57/63] Update storage-class-configurations.md Updated the section: Kubernetes Storage Integration with WEKA: WekaFS and NFS Transport Modes --- docs/storage-class-configurations.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/storage-class-configurations.md b/docs/storage-class-configurations.md index 67e9e0f98..188ae65fd 100644 --- a/docs/storage-class-configurations.md +++ b/docs/storage-class-configurations.md @@ -115,11 +115,11 @@ All values in the secret data file must be in base64-encoded format. ## Kubernetes storage integration with WEKA: WekaFS and NFS transport modes -The architecture diagram illustrates two Kubernetes (k8s) worker nodes connected to a WEKA cluster via different data transport mechanisms. The first node uses the WEKA CSI Plugin with seven WEKA clients, communicating through WekaFS. The second node uses a kernel NFS driver to connect to the WEKA cluster via an NFS protocol server (gateway). +The architecture diagram illustrates two Kubernetes (k8s) worker nodes connected to a WEKA cluster via the WEKA CSI Plugin, each using different transport mechanisms. The first node includes up to seven WEKA clients, communicating with the WEKA cluster through WekaFS. The second node uses a kernel NFS driver, which interacts with the WEKA cluster via an NFS protocol server (gateway). -When the WEKA CSI Plugin uses a WEKA client, WekaFS is the data transport. If the WEKA driver cannot be installed, the CSI Plugin switches to NFS failback mode. In this mode, the CSI Plugin retains its functionality but uses NFS for data transport. +The WEKA CSI Plugin enables seamless communication with the WEKA cluster, regardless of the transport mode. When using WEKA clients, WekaFS serves as the data transport. If the WEKA driver is not applicable, the CSI Plugin detects this and automatically switches to NFS failback mode. In this configuration, the CSI Plugin retains full functionality but uses NFS for data transport instead of WekaFS. -This approach allows multiple Kubernetes worker nodes to access the same WEKA storage cluster, even when using different transport modes. It ensures flexibility, supporting environments where WekaFS is not feasible. +This architecture allows multiple Kubernetes worker nodes to work with the same WEKA storage cluster, leveraging different transport modes as needed. It provides flexibility for environments where WekaFS installation may not be feasible. >**Note**: >NFS has limitations, such as .snapshots not being supported with Ganesha, which blocks snapshot-backed volumes and creating volumes from snapshots. From 3d7f8d2256af57e4f55939f019106cd265018741 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Sun, 22 Dec 2024 08:18:26 +0200 Subject: [PATCH 58/63] Update deployment.md (per David's comment) We have added a prerequisite: The WEKA CSI container must run as the root user to enable the management of WEKA filesystem mounts at the Worker Node level. --- docs/deployment.md | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/deployment.md b/docs/deployment.md index 429a51d5f..d25985000 100644 --- a/docs/deployment.md +++ b/docs/deployment.md @@ -10,6 +10,7 @@ Ensure the following prerequisites are met: * For snapshot and directory backing, a filesystem must be pre-defined on the WEKA cluster. * For filesystem backing, a filesystem group must be pre-defined on the WEKA cluster. * Your workstation has a valid connection to the Kubernetes worker nodes. +* The WEKA CSI container must run as the root user to enable the management of WEKA filesystem mounts at the Worker Node level. ### Prerequisites for using WekaFS transport From 2f535cc504f298160d755d1ca1a5ebc36d70f3c7 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Sun, 22 Dec 2024 08:21:43 +0200 Subject: [PATCH 59/63] Update deployment.md: modified title New title: Deployment and upgrade workflows. So we can add this as a reference to the main README.md --- docs/deployment.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/deployment.md b/docs/deployment.md index d25985000..042f6f56c 100644 --- a/docs/deployment.md +++ b/docs/deployment.md @@ -1,4 +1,4 @@ -# Deployment +# Deployment and upgrade workflows ## Prerequisites From a8a09e5fa02f5a943e911a86f57feb13a6b90c05 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Sun, 22 Dec 2024 08:32:59 +0200 Subject: [PATCH 60/63] Update README.md.gotmpl I added a reference to the deployment page in the docs. Revised the line under building the binaries --- README.md.gotmpl | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/README.md.gotmpl b/README.md.gotmpl index 1d0da8a81..ec66752f3 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -13,11 +13,12 @@ ## Pre-requisite - Kubernetes cluster of version 1.20 or later is recommended. Minimum version is 1.17 - Access to terminal with `kubectl` installed -- Weka system pre-configured and Weka client installed and registered in cluster for each Kubernetes node +- WEKA system pre-configured and WEKA client installed and registered in cluster for each Kubernetes node - Both AMD64 and ARM64 platforms are supported ## Deployment - [Helm public repo](https://artifacthub.io/packages/helm/csi-wekafs/csi-wekafsplugin) (recommended) +- [Deployment and upgrade workflows](docs/deployment-and-upgrade-workflows.md) - [Helm-based local deployment](charts/csi-wekafsplugin/LOCAL.md) ## Usage @@ -26,7 +27,7 @@ - [Using Weka CSI Plugin with NFS transport](docs/NFS.md) ## Building the binaries -If you want to build the driver yourself, you can do so with the following command from the root directory: +To build the driver, run the following command from the root directory: ```console make build From 2cd55aa62f29c3bb64528f0037de740b852c3ccf Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Sun, 22 Dec 2024 08:37:29 +0200 Subject: [PATCH 61/63] Update README.md Revised the opening line. --- README.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index f0ecae7ec..e3647aaed 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,5 @@ # CSI WekaFS Driver -Helm chart for Deployment of WekaIO Container Storage Interface (CSI) plugin for WekaFS - the world fastest filesystem +Helm chart for deploying the WEKA Container Storage Interface (CSI) plugin for WekaFS, the world's fastest filesystem. ![Version: 2.5.1-SNAPSHOT.44.0a35d77](https://img.shields.io/badge/Version-2.5.1--SNAPSHOT.44.0a35d77-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: v2.5.1-SNAPSHOT.44.0a35d77](https://img.shields.io/badge/AppVersion-v2.5.1--SNAPSHOT.44.0a35d77-informational?style=flat-square) [![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg)](https://opensource.org/licenses/Apache-2.0) @@ -17,20 +17,21 @@ https://github.com/weka/csi-wekafs ## Pre-requisite - Kubernetes cluster of version 1.20 or later is recommended. Minimum version is 1.17 - Access to terminal with `kubectl` installed -- Weka system pre-configured and Weka client installed and registered in cluster for each Kubernetes node +- WEKA system pre-configured and WEKA client installed and registered in cluster for each Kubernetes node - Both AMD64 and ARM64 platforms are supported ## Deployment - [Helm public repo](https://artifacthub.io/packages/helm/csi-wekafs/csi-wekafsplugin) (recommended) +- [Deployment and upgrade workflows](docs/deployment-and-upgrade-workflows.md) - [Helm-based local deployment](charts/csi-wekafsplugin/LOCAL.md) ## Usage - [Deploy an Example application](docs/usage.md) - [SELinux Support & Installation Notes](selinux/README.md) -- [Using Weka CSI Plugin with NFS transport](docs/NFS.md) +- [WEKA CSI Plugin with NFS transport](docs/NFS.md) ## Building the binaries -If you want to build the driver yourself, you can do so with the following command from the root directory: +To build the driver, run the following command from the root directory: ```console make build From 448ffaaba8a13c2edf51c4d65ad5b9a8cf504e45 Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Sun, 22 Dec 2024 08:39:10 +0200 Subject: [PATCH 62/63] Update README.md-fix link --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index e3647aaed..e0ed37155 100644 --- a/README.md +++ b/README.md @@ -22,7 +22,7 @@ https://github.com/weka/csi-wekafs ## Deployment - [Helm public repo](https://artifacthub.io/packages/helm/csi-wekafs/csi-wekafsplugin) (recommended) -- [Deployment and upgrade workflows](docs/deployment-and-upgrade-workflows.md) +- [Deployment and upgrade workflows](docs/deployment.md) - [Helm-based local deployment](charts/csi-wekafsplugin/LOCAL.md) ## Usage From 5d26eb5a5223ac2a4e6d6841df4cbb1e8008c3bc Mon Sep 17 00:00:00 2001 From: Ari Attias Date: Sun, 22 Dec 2024 08:39:55 +0200 Subject: [PATCH 63/63] Update README.md.gotmpl-fix link --- README.md.gotmpl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md.gotmpl b/README.md.gotmpl index ec66752f3..adb4dec45 100644 --- a/README.md.gotmpl +++ b/README.md.gotmpl @@ -18,7 +18,7 @@ ## Deployment - [Helm public repo](https://artifacthub.io/packages/helm/csi-wekafs/csi-wekafsplugin) (recommended) -- [Deployment and upgrade workflows](docs/deployment-and-upgrade-workflows.md) +- [Deployment and upgrade workflows](docs/deployment.md) - [Helm-based local deployment](charts/csi-wekafsplugin/LOCAL.md) ## Usage