From 0accab56fa0a75f8efe60590f61edc196cd7bf24 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 9 Sep 2024 12:22:19 +0100
Subject: [PATCH 01/45] Add epa-howto

---
 docs/src/snap/howto/epa.md | 1016 ++++++++++++++++++++++++++++++++++++
 1 file changed, 1016 insertions(+)
 create mode 100644 docs/src/snap/howto/epa.md

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
new file mode 100644
index 000000000..3e79486e6
--- /dev/null
+++ b/docs/src/snap/howto/epa.md
@@ -0,0 +1,1016 @@
+# How to set up Enhanced Platform Awareness
+
+This section explains how to set up the EPA features in a {{product}} cluster. 
+
+The content starts with the setup of the environment (including steps for using [MAAS][]). Then the setup of {{product}}, including the Multus & SR-IOV/DPDK networking components. Finally, the steps needed to test every EPA feature: HugePages, Real-time Kernel, CPU Pinning / Numa Topology Awareness and SR-IOV/DPDK. 
+
+## What you'll need
+
+- An Ubuntu Pro subscription (required for real-time kernel)
+- Ubuntu instances **or** a MAAS environment to run {product} on 
+
+
+## Prepare the Environment 
+
+
+`````{tabs}
+````{group-tab} Ubuntu
+
+First, run the `numactl` command to get the number of CPUs available for NUMA: 
+
+```
+numactl -s
+```
+
+This example output shows that there are 32 CPUs available for NUMA:
+
+```
+policy: default
+preferred node: current
+physcpubind: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
+cpubind: 0 1
+nodebind: 0 1
+membind: 0 1
+```
+
+```{dropdown} Detailed explanation of output
+
+- `policy: default`: indicates that the system is using the default NUMA policy. The default policy typically tries to allocate memory on the same node as the processor executing a task, but it can fall back to other nodes if necessary.  
+- `preferred node: current`: processes will prefer to allocate memory from the current node (the node where the process is running). However, if memory is not available on the current node, it can be allocated from other nodes.  
+- `physcpubind: 0 1 2 3 ... 31 `: shows the physical CPUs that processes are allowed to run on. In this case, the system has 32 physical CPUs enabled for NUMA, and processes can use any of them.  
+- `cpubind: 0 1 `: indicates the specific CPUs that the current process (meaning the process “numactl \-s”) is bound to. It's currently using CPUs 0 and 1.  
+- `nodebind: 0 1 `: shows the NUMA nodes that the current process (meaning the process “numactl \-s”) is allowed to use for memory allocation. It has access to both node 0 and node 1.  
+- `membind`: 0 1 `: confirms that the current process (meaning the process “numactl \-s”) can allocate memory from both node 0 and node 1.
+```
+
+### Enable the real-time kernel
+
+```
+sudo pro attach
+sudo apt update && sudo apt install ubuntu-advantage-tools
+sudo pro enable realtime-kernel
+```
+
+This should produce output similar to:
+
+```
+One moment, checking your subscription first
+Real-time kernel cannot be enabled with Livepatch.
+Disable Livepatch and proceed to enable Real-time kernel? (y/N) y
+Disabling incompatible service: Livepatch
+The Real-time kernel is an Ubuntu kernel with PREEMPT_RT patches integrated.
+
+This will change your kernel. To revert to your original kernel, you will need
+to make the change manually.
+
+Do you want to continue? [ default = Yes ]: (Y/n) Y
+Updating Real-time kernel package lists
+Updating standard Ubuntu package lists
+Installing Real-time kernel packages
+Real-time kernel enabled
+A reboot is required to complete install.
+```
+
+First the Ubuntu system is attached to an Ubuntu Pro subscription 
+(needed to use the real-time kernel), requiring you to enter a token 
+associated with the subscription. After successful attachment, your 
+system gains access to the Ubuntu Pro repositories, including the one 
+containing the real-time kernel packages. Once the tools and 
+real-time kernel are installed, a reboot is required to start using 
+the new kernel.
+
+### Create a configuration file to enable HugePages and CPU isolation
+
+The bootloader will need a configuration file to enable the recommended 
+boot options (explained below) to enable HugePages and CPU isolation.
+
+In this example, the host has 128 CPUs, and 2M / 1G HugePages are enabled. 
+This is the command to update the boot options and reboot the system:
+
+```
+cat <<EOF > /etc/default/grub.d/epa_kernel_options.cfg
+GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} intel_iommu=on iommu=pt usbcore.autosuspend=-1 selinux=0 enforcing=0 nmi_watchdog=0 crashkernel=auto softlockup_panic=0 audit=0 tsc=nowatchdog intel_pstate=disable mce=off hugepagesz=1G hugepages=1000 hugepagesz=2M hugepages=0 default_hugepagesz=1G kthread_cpus=0-31 irqaffinity=0-31 nohz=on nosoftlockup nohz_full=32-127 rcu_nocbs=32-127 rcu_nocb_poll skew_tick=1 isolcpus=managed_irq,32-127 console=tty0 console=ttyS0,115200n8"
+EOF
+sudo chmod 0644 /etc/netplan/99-sriov_vfs.yaml
+update-grub
+reboot
+```
+
+```{dropdown} Explanation of boot options
+
+-  `intel_iommu=on`: Enables Intel's Input-Output Memory Management Unit (IOMMU), which is used for device virtualization and Direct Memory Access (DMA) remapping.  
+-  `iommu=pt`: Sets the IOMMU to passthrough mode, allowing devices to directly access physical memory without translation.  
+-  `usbcore.autosuspend=-1`: Disables USB autosuspend, preventing USB devices from being automatically suspended to save power.  
+-  `selinux=0`: Disables Security-Enhanced Linux (SELinux), a security module that provides mandatory access control.  
+-  `enforcing=0`: If SELinux is enabled, this option sets it to permissive mode, where policies are not enforced but violations are logged.  
+-  `nmi_watchdog=0`: Disables the Non-Maskable Interrupt (NMI) watchdog, which is used to detect and respond to system hangs.  
+-  `crashkernel=auto`: Reserves a portion of memory for capturing a crash dump in the event of a kernel crash.  
+-  `softlockup_panic=0`: Prevents the kernel from panicking (crashing) on detecting a soft lockup, where a CPU appears to be stuck.  
+-  `audit=0`: Disables the kernel auditing system, which logs security-relevant events.  
+-  `tsc=nowatchdog`: Disables the Time Stamp Counter (TSC) watchdog, which checks for issues with the TSC.  
+-  `intel_pstate=disable`: Disables the Intel P-state driver, which controls CPU frequency scaling.  
+-  `mce=off`: Disables Machine Check Exception (MCE) handling, which detects and reports hardware errors.  
+-  `hugepagesz=1G hugepages=1000`: Allocates 1000 huge pages of 1GB each.  
+-  `hugepagesz=2M hugepages=0`: Configures huge pages of 2MB size but sets their count to 0\.  
+-  `default_hugepagesz=1G`: Sets the default size for huge pages to 1GB.  
+-  `kthread_cpus=0-31`: Restricts kernel threads to run on CPUs 0-31.  
+-  `irqaffinity=0-31`: Restricts interrupt handling to CPUs 0-31.  
+-  `nohz=on`: Enables the nohz (no timer tick) mode, reducing timer interrupts on idle CPUs.  
+-  `nosoftlockup`: Disables the detection of soft lockups.  
+-  `nohz_full=32-127`: Enables nohz\_full (full tickless) mode on CPUs 32-127, reducing timer interrupts during application processing.  
+-  `rcu_nocbs=32-127`: Offloads RCU (Read-Copy-Update) callbacks to CPUs 32-127, preventing them from running on these CPUs.  
+-  `rcu_nocb_poll`: Enables polling for RCU callbacks instead of using interrupts.  
+-  `skew_tick=1`: Skews the timer tick across CPUs to reduce contention.  
+-  `isolcpus=managed_irq,32-127`: Isolates CPUs 32-127 and assigns managed IRQs to them, reducing their involvement in system processes and dedicating them to specific workloads.  
+-  `console=tty0`: Sets the console output to the first virtual terminal.  
+-  `console=ttyS0,115200n8`: Sets the console output to the serial port ttyS0 with a baud rate of 115200, 8 data bits, no parity, and 1 stop bit.  
+```
+
+Once the reboot has taken place, ensure the HugePages configuration has been applied:
+
+```
+grep HugePages /proc/meminfo
+```
+This should  generate output indicating the number of pages allocated
+
+```
+HugePages_Total:    1000
+HugePages_Free:     1000
+HugePages_Rsvd:        0
+HugePages_Surp:        0
+```
+
+
+Next, create a configuration file to configure the network interface 
+to use SR-IOV (so it can create virtual functions afterwards) using 
+Netplan. In the example below the file is created first, then the configuration is
+applied and then the 128 virtual functions are available for use in the environment:
+
+```
+cat <<EOF > /etc/netplan/99-sriov_vfs.yaml
+      network:
+          ethernets:
+              enp152s0f1:
+                  virtual-function-count: 128
+EOF
+sudo chmod 0600 /etc/netplan/99-sriov_vfs.yaml
+sudo netplan apply
+ip link show enp152s0f1
+```
+The output of the last command should indicate the device is working and has generated the expected
+virtual functions.
+
+```
+5: enp152s0f1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 9000 qdisc mq state UP mode DEFAULT group default qlen 1000
+    link/ether 40:a6:b7:96:d8:89 brd ff:ff:ff:ff:ff:ff
+    vf 0     link/ether ae:31:7f:91:09:97 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
+    vf 1     link/ether 32:09:8b:f7:07:4b brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
+    vf 2     link/ether 12:b9:c6:08:fc:36 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
+    ..........
+    vf 125     link/ether 92:10:ff:8a:e5:0c brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
+    vf 126     link/ether 66:fe:ad:f2:d3:05 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
+    vf 127     link/ether ca:20:00:c6:83:dd brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
+```
+```{dropdown} Explanation of steps
+  * Breakdown of the content of the file /etc/netplan/99-sriov\_vfs.yaml :  
+    * path: /etc/netplan/99-sriov\_vfs.yaml: This specifies the location of the configuration file. The "99" prefix in the filename usually indicates that it will be processed last, potentially overriding other configurations.  
+    * enp152s0f1:  This is the name of the physical network interface you want to create VFs on. This name may vary depending on your system.  
+    * virtual-function-count: 128: This is the key line that instructs Netplan to create 128 virtual functions on the specified physical interface. Each of these VFs can be assigned to a different virtual machine or container, effectively allowing them to share the physical adapter's bandwidth.  
+    * permissions: "0600": This is an optional line that sets the file permissions to 600 (read and write access only for the owner).  
+  * Breakdown of the output of ip link show enp152s0f1 command:  
+    * Main interface:  
+      * 5: The index number of the network interface in the system.  
+      * enp152s0f1: The name of the physical network interface.  
+      * \<BROADCAST,MULTICAST,UP,LOWER\_UP\>: The interface's flags indicating its capabilities (e.g., broadcast, multicast) and current status (UP).  
+      * mtu 9000: The maximum transmission unit (MTU) is set to 9000 bytes, larger than the typical 1500 bytes, likely for jumbo frames.  
+      * qdisc mq: The queuing discipline (qdisc) is set to "mq" (multi-queue), designed for multi-core systems.  
+      * state UP: The interface is currently active and operational.  
+      * mode DEFAULT: The interface is in the default mode of operation.  
+      * qlen 1000: The maximum number of packets allowed in the transmit queue.  
+      * link/ether 40:a6:b7:96:d8:89: The interface's MAC address (a unique hardware identifier).  
+    * Virtual functions:  
+      * vf \<number\>: The index number of the virtual function.  
+      * link/ether \<MAC address\>: The MAC address assigned to the virtual function.  
+      * spoof checking on: A security feature to prevent MAC address spoofing (pretending to be another device).  
+      * link-state auto: The link state (up/down) is determined automatically based on the physical connection.  
+      * trust off: The interface doesn't trust the incoming VLAN (Virtual LAN) tags.  
+    * Results:  
+      * Successful VF Creation: The output confirms a success creation of 128 VFs (numbered 0 through 127\) on the enp152s0f1 interface.  
+      * VF Availability: Each VF is ready for use, and they can be assigned i.e. to {{product}} containers to give them direct access to the network through this physical network interface.  
+      * MAC Addresses: Each VF has its own unique MAC address, which is essential for network communication.
+```
+
+
+* Now let’s enable DPDK, first by cloning the DPDK repo, and then placing the script that will bind the VFs to the VFIO-PCI driver in the location that will run automatically each time the system boots up, so the VFIO (Virtual Function I/O) bindings are applied consistently:
+
+```
+git clone https://github.com/DPDK/dpdk.git /home/ubuntu/dpdk
+cat <<EOF > /var/lib/cloud/scripts/per-boot/dpdk_bind.sh 
+      #!/bin/bash
+      if [ -d /home/ubuntu/dpdk ]; then
+        modprobe vfio-pci
+        vfs=$(python3 /home/ubuntu/dpdk/usertools/dpdk-devbind.py -s | grep drv=iavf | awk '{print $1}' | tail -n +11)
+        python3 /home/ubuntu/dpdk/usertools/dpdk-devbind.py --bind=vfio-pci $vfs
+      fi
+sudo chmod 0755 /var/lib/cloud/scripts/per-boot/dpdk_bind.sh
+```
+```{dropdown} Explanation 
+  * Load VFIO Module (modprobe vfio-pci): If the DPDK directory exists, the script loads the VFIO-PCI kernel module. This module is necessary for the VFIO driver to function.  
+  * The script uses the dpdk-devbind.py tool (included with DPDK) to list the available network devices and their drivers.  
+    * It filters this output using grep drv=iavf to find devices that are currently using the iavf driver (a common driver for Intel network adapters), excluding the physical network interface itself and just focusing on the virtual functions (VFs).  
+  * Bind VFs to VFIO: The script uses dpdk-devbind.py again, this time with the \--bind=vfio-pci option, to bind the identified VFs to the VFIO-PCI driver. This step essentially tells the kernel to relinquish control of these devices to DPDK.  
+```
+
+To test that the VFIO Kernel Module and DPDK are enabled:
+
+```
+lsmod | grep -E 'vfio'
+```
+
+...should indicate the kernel module is loaded
+
+```
+vfio_pci               16384  0
+vfio_pci_core          94208  1 vfio_pci
+vfio_iommu_type1       53248  0
+vfio                   73728  3 vfio_pci_core,vfio_iommu_type1,vfio_pci
+iommufd                98304  1 vfio
+irqbypass              12288  2 vfio_pci_core,kvm
+
+```
+
+Running the helper script:
+
+```
+python3 /home/ubuntu/dpdk/usertools/dpdk-devbind.py -s
+```
+
+...should return a list of network devices using DPDK:
+
+```
+Network devices using DPDK-compatible driver
+============================================
+0000:98:12.2 'Ethernet Adaptive Virtual Function 1889' drv=vfio-pci unused=iavf
+0000:98:12.3 'Ethernet Adaptive Virtual Function 1889' drv=vfio-pci unused=iavf
+0000:98:12.4 'Ethernet Adaptive Virtual Function 1889' drv=vfio-pci unused=iavf
+....
+```
+
+With these preparation steps we have enabled the features of EPA:
+
+* NUMA and CPU Pinning are available to the first 32 CPUs  
+* Real-Time Kernel is enabled  
+* HugePages are enabled and 1000 1G huge pages are available   
+* SRIOV is enabled in the enp152s0f1 interface, with 128 virtual function interfaces bound to the vfio-pci driver (that could also use the iavf driver)  
+* DPDK is enabled in all the 128 virtual function interfaces
+
+````
+
+````{group-tab} MAAS
+
+To prepare a machine for CPU isolation, Hugepages, real-time kernel, SRIOV and DPDK we leverage cloud-init through MAAS.
+
+```
+#cloud-config
+
+apt:
+  sources:
+    rtk.list:
+      source: "deb https://<launchpad_id>:<ppa_subscription_password>@private-ppa.launchpadcontent.net/canonical-kernel-rt/ppa/ubuntu jammy main"
+
+write_files:
+  # set kernel option with hugepages and cpu isolation
+  - path: /etc/default/grub.d/100-telco_kernel_options.cfg
+    content: |
+      GRUB_CMDLINE_LINUX_DEFAULT="${GRUB_CMDLINE_LINUX_DEFAULT} intel_iommu=on iommu=pt usbcore.autosuspend=-1 selinux=0 enforcing=0 nmi_watchdog=0 crashkernel=auto softlockup_panic=0 audit=0 tsc=nowatchdog intel_pstate=disable mce=off hugepagesz=1G hugepages=1000 hugepagesz=2M hugepages=0 default_hugepagesz=1G kthread_cpus=0-31 irqaffinity=0-31 nohz=on nosoftlockup nohz_full=32-127 rcu_nocbs=32-127 rcu_nocb_poll skew_tick=1 isolcpus=managed_irq,32-127 console=tty0 console=ttyS0,115200n8"
+    permissions: "0644"
+
+  # create sriov VFs
+  - path: /etc/netplan/99-sriov_vfs.yaml
+    content: |
+      network:
+          ethernets:
+              enp152s0f1:
+                  virtual-function-count: 128
+    permissions: "0600"
+
+  # ensure VFs are bound to vfio-pci driver (so they can be consumed by pods)
+  - path: /var/lib/cloud/scripts/per-boot/dpdk_bind.sh
+    content: |
+      #!/bin/bash
+      if [ -d /home/ubuntu/dpdk ]; then
+        modprobe vfio-pci
+        vfs=$(python3 /home/ubuntu/dpdk/usertools/dpdk-devbind.py -s | grep drv=iavf | awk '{print $1}' | tail -n +11)
+        python3 /home/ubuntu/dpdk/usertools/dpdk-devbind.py --bind=vfio-pci $vfs
+      fi
+    permissions: "0755"
+
+  # set proxy variables
+  - path: /etc/environment
+    content: |
+      HTTPS_PROXY=http://10.18.2.1:3128
+      HTTP_PROXY=http://10.18.2.1:3128
+      NO_PROXY=10.0.0.0/8,192.168.0.0/16,127.0.0.1,172.16.0.0/16,.svc,localhost
+      https_proxy=http://10.18.2.1:3128
+      http_proxy=http://10.18.2.1:3128
+      no_proxy=10.0.0.0/8,192.168.0.0/16,127.0.0.1,172.16.0.0/16,.svc,localhost
+    append: true
+
+  # add rtk ppa key
+  - path: /etc/apt/trusted.gpg.d/rtk.asc
+    content: |
+      -----BEGIN PGP PUBLIC KEY BLOCK-----
+      Comment: Hostname:
+      Version: Hockeypuck 2.2
+
+      xsFNBGAervwBEADHCeEuR7WKRiEII+uFOu8J+W47MZOcVhfNpu4rdcveL4qe4gj4
+      nsROMHaINeUPCmv7/4EXdXtTm1VksXeh4xTeqH6ZaQre8YZ9Hf4OYNRcnFOn0KR+
+      aCk0OWe9xkoDbrSYd3wmx8NG/Eau2C7URzYzYWwdHgZv6elUKk6RDbDh6XzIaChm
+      kLsErCP1SiYhKQvD3Q0qfXdRG908lycCxgejcJIdYxgxOYFFPcyC+kJy2OynnvQr
+      4Yw6LJ2LhwsA7bJ5hhQDCYZ4foKCXX9I59G71dO1fFit5O/0/oq0xe7yUYCejf7Z
+      OqD+TzEK4lxLr1u8j8lXoQyUXzkKIL0SWEFT4tzOFpWQ2IBs/sT4X2oVA18dPDoZ
+      H2SGxCUcABfne5zrEDgkUkbnQRihBtTyR7QRiE3GpU19RNVs6yAu+wA/hti8Pg9O
+      U/5hqifQrhJXiuEoSmmgNb9QfbR3tc0ZhKevz4y+J3vcnka6qlrP1lAirOVm2HA7
+      STGRnaEJcTama85MSIzJ6aCx4omCgUIfDmsi9nAZRkmeomERVlIAvcUYxtqprLfu
+      6plDs+aeff/MAmHbak7yF+Txj8+8F4k6FcfNBT51oVSZuqFwyLswjGVzWol6aEY7
+      akVIrn3OdN2u6VWlU4ZO5+sjP4QYsf5K2oVnzFVIpYvqtO2fGbxq/8dRJQARAQAB
+      zSVMYXVuY2hwYWQgUFBBIGZvciBDYW5vbmljYWwgS2VybmVsIFJUwsGOBBMBCgA4
+      FiEEc4Tsv+pcopCX6lNfLz1Vl/FsjCEFAmAervwCGwMFCwkIBwIGFQoJCAsCBBYC
+      AwECHgECF4AACgkQLz1Vl/FsjCF9WhAAnwfx9njs1M3rfsMMuhvPxx0WS65HDlq8
+      SRgl9K2EHtZIcS7lHmcjiTR5RD1w+4rlKZuE5J3EuMnNX1PdCYLSyMQed+7UAtX6
+      TNyuiuVZVxuzJ5iS7L2ZoX05ASgyoh/Loipc+an6HzHqQnNC16ZdrBL4AkkGhDgP
+      ZbYjM3FbBQkL2T/08NcwTrKuVz8DIxgH7yPAOpBzm91n/pV248eK0a46sKauR2DB
+      zPKjcc180qmaVWyv9C60roSslvnkZsqe/jYyDFuSsRWqGgE5jNyIb8EY7K7KraPv
+      3AkusgCh4fqlBxOvF6FJkiYeZZs5YXvGQ296HTfVhPLOqctSFX2kuUKGIq2Z+H/9
+      qfJFGS1iaUsoDEUOaU27lQg5wsYa8EsCm9otroH2P3g7435JYRbeiwlwfHMS9EfK
+      dwD38d8UzZj7TnxGG4T1aLb3Lj5tNG6DSko69+zqHhuknjkRuAxRAZfHeuRbACgE
+      nIa7Chit8EGhC2GB12pr5XFWzTvNFdxFhbG+ed7EiGn/v0pVQc0ZfE73FXltg7et
+      bkoC26o5Ksk1wK2SEs/f8aDZFtG01Ys0ASFICDGW2tusFvDs6LpPUUggMjf41s7j
+      4tKotEE1Hzr38EdY+8faRaAS9teQdH5yob5a5Bp5F5wgmpqZom/gjle4JBVaV5dI
+      N5rcnHzcvXw=
+      =asqr
+      -----END PGP PUBLIC KEY BLOCK-----
+    permissions: "0644"
+
+# install the snap
+snap:
+  commands:
+    00: 'snap install k8s --classic --channel=1.30-moonray/beta'
+
+runcmd:
+# fetch dpdk driver binding script
+- su ubuntu -c "git config --global http.proxy http://10.18.2.1:3128"
+- su ubuntu -c "git clone https://github.com/DPDK/dpdk.git /home/ubuntu/dpdk"
+- apt update
+- DEBIAN_FRONTEND=noninteractive apt install -y linux-headers-6.8.1-1004-realtime linux-image-6.8.1-1004-realtime linux-modules-6.8.1-1004-realtime linux-modules-extra-6.8.1-1004-realtime
+
+# enable kernel options
+- update-grub
+
+# reboot to activate realtime-kernel and kernel options
+power_state:
+  mode: reboot
+```
+
+Notes:
+
+* In the above, realtime kernel 6.8 is installed from a private ppa. It was recently backported from 24.04 to 22.04 and is still going through some validation stages. Once it is officially released, it will be installable via the Ubuntu Pro cli.
+
+
+````
+`````
+
+
+
+
+
+## {{product}} setup 
+
+{{product}} is delivered as a [snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/). 
+
+This chapter explains how to set up a dual node {{product}} cluster for testing EPA capabilities.
+
+### Control plane and worker node 
+
+1. [Install the snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/howto/install/snap/) from the moonray track. The [beta channel](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/) is used at this point as the end configuration of the k8s snap is not finalised yet.
+
+```
+sudo snap install k8s --classic --channel=1.30-moonray/beta
+```
+
+2. Create a file called *configuration.yaml*. In this configuration file we let  the snap start with its default CNI (calico), with CoreDNS deployed and we also point k8s to the external etcd. 
+
+```
+cluster-config:
+  network:
+    enabled: true
+  dns:
+    enabled: true  local-storage:
+    enabled: true
+extra-node-kubelet-args:
+  --reserved-cpus: "0-31"
+  --cpu-manager-policy: "static"
+  --topology-manager-policy: "best-effort"
+```
+
+3. Bootstrap {{product}} using the above configuration file.
+
+```
+sudo k8s bootstrap --file configuration.yaml
+```
+
+#### Verify control plane node is up
+
+After a few seconds you can query the API server with:
+
+```
+sudo k8s kubectl get all -A
+```
+
+### Second k8s node as worker 
+
+1. Install the k8s snap on the second node
+
+```
+sudo snap install k8s --classic --channel=1.30-moonray/beta
+```
+
+2. On the control plane node generate a join token to be used for joining the
+   second node
+
+```
+sudo k8s get-join-token --worker
+```
+
+3. On the worker node create the configuration.yaml file
+
+```
+extra-node-kubelet-args:
+  --reserved-cpus: "0-31"
+  --cpu-manager-policy: "static"
+  --topology-manager-policy: "best-effort"
+```
+
+4. On the worker node use the token to join the cluster
+
+```
+sudo k8s join-cluster --file configuration.yaml <token-generated-on-the-control-plane-node>
+```
+
+
+### Verify the two node cluster is ready 
+
+After a few seconds the second worker node will register with the control
+plane. You can query the available workers from the first node:
+
+```
+sudo k8s kubectl get nodes
+```
+
+The output should list the connected nodes:
+
+```
+NAME          STATUS   ROLES                  AGE   VERSION
+pc6b-rb4-n1   Ready    control-plane,worker   22h   v1.30.2
+pc6b-rb4-n3   Ready    worker                 22h   v1.30.2
+```
+
+### Multus and SRIOV setup 
+
+Get the thick plugin (in case of resource scarcity we can consider deploying
+the thin flavor)
+
+```
+sudo k8s kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/deployments/multus-daemonset-thick.yml
+```
+
+Note: the memory limits for the multus pod spec in the DaemonSet should be
+increased (i.e. to 500Mi instead 50Mi) to avoid OOM issues when deploying
+multiple workload pods in parallel.
+
+#### SRIOV Network Device Plugin 
+
+* Create sriov-dp.yaml configMap
+
+```
+cat <<EOF | tee sriov-dp.yaml
+apiVersion: v1
+kind: ConfigMap
+metadata:
+ name: sriovdp-config
+ namespace: kube-system
+data:
+ config.json: |
+   {
+       "resourceList": [{
+               "resourceName": "intel_sriov_netdevice",
+               "selectors": [{
+                   "vendors": ["8086"],
+                   "devices": ["1889"],
+                   "drivers": ["iavf"]
+               }]
+           },
+           {
+               "resourceName": "intel_sriov_dpdk",
+               "resourcePrefix": "intel.com",
+               "selectors": [{
+                   "vendors": ["8086"],
+                   "devices": ["1889"],
+                   "drivers": ["vfio-pci"],
+                   "pfNames": ["enp152s0f1"],
+                   "needVhostNet": true
+               }]
+           }
+       ]
+   }
+EOF
+```
+
+Apply the configMap definition:
+
+```
+sudo k8s kubectl create -f ./sriov-dp.yaml
+```
+
+Install the SRIOV network device plugin:
+
+```
+sudo k8s kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/sriov-network-device-plugin/master/deployments/sriovdp-daemonset.yaml
+```
+
+#### SRIOV CNI 
+
+```
+sudo k8s kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/sriov-cni/master/images/sriov-cni-daemonset.yaml
+```
+
+#### Multus NetworkAttachmentDefinition 
+
+Create the sriov-nad.yaml NetworkAttachmentDefinition
+
+```
+cat <<EOF | tee sriov-nad.yaml
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+ name: sriov-net1
+ annotations:
+   k8s.v1.cni.cncf.io/resourceName: intel.com/intel_sriov_netdevice
+spec:
+ config: '{
+ "type": "sriov",
+ "cniVersion": "0.3.1",
+ "name": "sriov-network",
+ "ipam": {
+   "type": "host-local",
+   "subnet": "10.18.2.153/24", # The subnet for SR-IOV VFs
+   "routes": [{
+     "dst": "0.0.0.0/0"
+   }],
+   "gateway": "10.18.2.1" 
+ }
+}'
+EOF
+
+cat <<EOF | tee dpdk-nad.yaml
+apiVersion: "k8s.cni.cncf.io/v1"
+kind: NetworkAttachmentDefinition
+metadata:
+ name: dpdk-net1
+ annotations:
+   k8s.v1.cni.cncf.io/resourceName: intel.com/intel_sriov_dpdk
+spec:
+ config: '{
+ "type": "sriov",
+ "cniVersion": "0.3.1",
+ "name": "dpdk-network"
+}'
+EOF
+```
+
+Apply the two NetworkAttachmentDefinition definition files
+
+```
+sudo k8s kubectl create -f ./sriov-nad.yaml
+sudo k8s kubectl create -f ./dpdk-nad.yaml
+```
+
+## Testing
+
+## Testing HugePages in {{product}} 
+
+Verify that HugePages are allocated on your Kubernetes nodes. You can do this by checking the node's capacity and allocatable resources:
+
+```
+$ sudo k8s kubectl get nodes
+
+### Expected Output ###
+NAME          STATUS   ROLES                  AGE   VERSION
+pc6b-rb4-n1   Ready    control-plane,worker   22h   v1.30.2
+pc6b-rb4-n3   Ready    worker                 22h   v1.30.2
+$ sudo k8s kubectl describe node pc6b-rb4-n3 | grep -E 'hugepages'
+
+### Expected Output ###
+  hugepages-1Gi:      1000Gi
+  hugepages-2Mi:      0
+  hugepages-1Gi:      1000Gi
+  hugepages-2Mi:      0
+  hugepages-1Gi      0 (0%)      0 (0%)
+  hugepages-2Mi      0 (0%)      0 (0%)
+```
+
+So we have 1000 huge pages of 1Gi size each and we have a worker node labelled
+properly. Then you can create a Pod that explicitly requests one 1G Huge Page
+in its resource limits:
+
+```
+cat <<EOF | sudo k8s kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: hugepage-test-ubuntu
+spec:
+  containers:
+  - name: ubuntu-container
+    image: ubuntu:latest
+    command: ["sleep", "infinity"]
+    resources:
+      limits:
+        hugepages-1Gi: 1Gi
+        memory: 128Mi
+      requests:
+        memory: 128Mi
+EOF
+```
+
+Note: To ensure proper resource management and prevent conflicts, Kubernetes
+enforces that a pod requesting HugePages also explicitly requests a minimum
+amount of either CPU or standard memory resources.
+
+Now, let’s check if the 1 Gi HugePage was allocated in the pod:
+
+```
+sudo k8s kubectl describe pod hugepage-test-ubuntu
+``` 
+
+This should produce output indicating the request:
+
+```
+....
+    Limits:
+      hugepages-1Gi:  1Gi
+      memory:         128Mi
+    Requests:
+      hugepages-1Gi:  1Gi
+      memory:         128Mi
+....
+
+```
+
+## Testthe real-time kernel
+
+First, verify that real-time kernel is enabled in the worker node by checking
+if “PREEMPT RT” appears after running the `uname -a` command:
+
+```
+uname -a
+```
+
+The output should show the “PREEMPT RT” identifier:
+
+```
+Linux pc6b-rb4-n3 6.8.1-1004-realtime #4~22.04.1-Ubuntu SMP PREEMPT_RT Mon Jun 24 16:45:51 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
+```
+
+The test will use cyclictest, commonly used to assess the real-time performance
+of a system, especially when running a real-time kernel. It measures the time
+it takes for a thread to cycle between high and low priority states, giving you
+an indication of the system's responsiveness to real-time events.  Lower
+latencies typically indicate better real-time performance.
+
+The output of cyclictest will provide statistics like:
+
+* Average latency: The average time taken for a cycle.  
+* Minimum latency: The shortest observed cycle time.  
+* Maximum latency: The longest observed cycle time.
+
+Create a pod that will run cyclictest tool with specific options:
+
+* -l 1000000: Sets the number of test iterations to 1 million.  
+* -m: Measures the maximum latency.  
+* -p 80: Sets the real-time scheduling priority to 80 (a high priority, typically used for real-time tasks).  
+* -t 1: Specifies CPU core 1 to be used for the test.
+
+```
+cat <<EOF | sudo k8s kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: realtime-kernel-test
+spec:
+  containers:
+  - name: realtime-test
+    image: ubuntu:latest
+    command: ["/bin/bash"]
+    args: ["-c", "apt-get update && apt-get install rt-tests -y && cyclictest -l 1000000 -m -p 80 -t 1"]
+    securityContext:
+      privileged: true     
+EOF
+```
+
+Get the pod logs to verify that the test is running:
+
+```
+sudo k8s kubectl logs realtime-kernel-test -f
+
+### Expected Output ###
+...
+# /dev/cpu_dma_latency set to 0us
+policy: fifo: loadavg: 7.92 8.34 9.32 1/3698 2965
+
+T: 0 ( 2965) P:80 I:1000 C: 241486 Min:      3 Act:    4 Avg:    3 Max:      18
+```
+
+```{dropdown} Explanation of output
+
+* /dev/cpu\_dma\_latency set to 0us: This line indicates that the CPU DMA (Direct Memory Access) latency has been set to 0 microseconds. This setting is relevant for real-time systems as it controls how long a device can hold the CPU bus during a DMA transfer.  
+* policy: fifo: This means the scheduling policy for the cyclictest thread is set to FIFO (First In, First Out). In FIFO scheduling, the highest priority task that is ready to run gets the CPU first and continues running until it is blocked or voluntarily yields the CPU.  
+* loadavg: 7.92 8.34 9.32 1/3698 2965: This shows the load average of your system over the last 1, 5, and 15 minutes. The numbers are quite high, indicating that your system is under significant load. This can potentially affect the latency measurements.  
+* T: 0 ( 2965\) P:80 I:1000 C: 241486:  
+  * T: 0: The number of the CPU core the test was run on (CPU 0 in this case).  
+  * (2965): The PID (Process ID) of the cyclictest process.  
+  * P:80: The priority of the cyclictest thread.  
+  * I:1000: The number of iterations (loops) the test ran for (1000 in this case).  
+  * C: 241486: The number of cycles per second that the test has aimed for.  
+* Min: 3 Act: 4 Avg: 3 Max: 18: These are the key latency statistics in microseconds (us):  
+  * Min: The minimum latency observed during the test (3 us).  
+  * Act: The actual average latency (4 us).  
+  * Avg: The expected average latency (3us).  
+  * Max: The maximum latency observed during the test (18 us).  
+* In this case, the results suggest the following:  
+  * Low Latencies: The minimum, average, and maximum latencies are all very low (3-18 us), which is a good sign for real-time performance. It indicates that your real-time kernel is responding promptly to events.  
+  * High Load: The high load average indicates that your system is busy, but even under this load, the real-time kernel is maintaining low latencies for the high-priority cyclictest thread.
+
+```
+
+## Testing CPU Pinning and NUMA Topology Awareness in {{product}}
+
+First check if CPU Manager and NUMA Topology Manager is set up in the worker node:
+
+```
+ps -ef | grep /snap/k8s/678/bin/kubelet
+``` 
+
+```
+root        9139       1  1 Jul17 ?        00:20:03 /snap/k8s/678/bin/kubelet --anonymous-auth=false --authentication-token-webhook=true --authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/client-ca.crt --cluster-dns=10.152.183.97 --cluster-domain=cluster.local --container-runtime-endpoint=/var/snap/k8s/common/run/containerd.sock --containerd=/var/snap/k8s/common/run/containerd.sock --cpu-manager-policy=static --eviction-hard=memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi --fail-swap-on=false --kubeconfig=/etc/kubernetes/kubelet.conf --node-ip=10.18.2.153 --node-labels=node-role.kubernetes.io/worker=,k8sd.io/role=worker --read-only-port=0 --register-with-taints= --reserved-cpus=0-31 --root-dir=/var/lib/kubelet --serialize-image-pulls=false --tls-cert-file=/etc/kubernetes/pki/kubelet.crt --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384 --tls-private-key-file=/etc/kubernetes/pki/kubelet.key --topology-manager-policy=best-effort
+```
+
+Breakdown:
+
+* \--cpu-manager-policy=static : This flag within the Kubelet command line arguments explicitly tells us that the CPU Manager is active and using the static policy. Here's what this means:  
+  * CPU Manager:  This is a component of Kubelet that manages how CPU resources are allocated to pods running on a node.  
+  * Static Policy:  This policy is designed to provide stricter control over CPU allocation. With the static policy, you can request integer CPUs for your containers (e.g., 1, 2, etc.), and {{product}} will try to assign them to dedicated CPU cores on the node, providing a greater degree of isolation and predictability.  
+* \--reserved-cpus=0-31: This line indicates that no CPUs are reserved for the Kubelet or system processes. This implies that all CPUs might be available for pod scheduling, depending on the cluster's overall resource allocation strategy.  
+* \--topology-manager-policy=best-effort: This flag sets the topology manager policy to "best-effort." The topology manager helps optimise pod placement on nodes by considering factors like NUMA nodes, CPU cores, and devices. The "best-effort" policy tries to place pods optimally, but it doesn't enforce strict requirements.
+
+You can also confirm the total number of NUMA CPUs available in the worker node:
+
+```
+lscpu
+
+### Expected Output ###
+....
+NUMA:
+  NUMA node(s):           2
+  NUMA node0 CPU(s):      0,2,4,6,8,10,12,14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92,94,96,98,100,102,104,106,108,110,112,114,116,118,120,122,124,126
+  NUMA node1 CPU(s):      1,3,5,7,9,11,13,15,17,19,21,23,25,27,29,31,33,35,37,39,41,43,45,47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113,115,117,119,121,123,125,127
+...
+```
+
+Now let’s label the node with information about the available CPU/NUMA nodes, and then create a pod selecting that label:
+
+```
+sudo k8s kubectl label node pc6b-rb4-n3 topology.kubernetes.io/zone=NUMA
+
+### Expected Output ###
+node/pc6b-rb4-n3 labeled
+
+$ cat <<EOF | sudo k8s kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: cpu-pinning-test
+spec:
+  containers:
+  - name: test-container
+    image: ubuntu:latest
+    command: ["sleep", "infinity"]
+    resources:
+      requests:
+        cpu: "2"
+        memory: "512Mi"
+      limits:
+        cpu: "2"
+        memory: "512Mi"
+  nodeSelector:
+    topology.kubernetes.io/zone: NUMA
+EOF
+```
+
+Finally, describing the node and the pod will confirm that the pod is running
+on the intended node and that its CPU requests are being met; also running
+taskset inside the pod will identify the pod pinned to the process running
+inside the pod:
+
+```
+sudo k8s kubectl describe node pc6b-rb4-n3
+```
+
+...which should produce the output:
+
+```
+  Namespace                   Name                                 CPU Requests  CPU Limits  Memory Requests  Memory Limits  Age
+  ---------                   ----                                 ------------  ----------  ---------------  -------------  ---
+  ....
+  default                     cpu-pinning-test                     2 (2%)        2 (2%)      512Mi (0%)       512Mi (0%)     72s
+  ....
+```
+
+```
+sudo k8s kubectl describe pod cpu-pinning-test
+```
+
+### Expected Output ###
+...
+    Limits:
+      cpu:     2
+      memory:  512Mi
+    Requests:
+      cpu:        2
+      memory:     512Mi
+...
+
+sudo k8s kubectl exec -ti cpu-pinning-test -- /bin/bash
+root@cpu-pinning-test:/# ps -ef
+UID          PID    PPID  C STIME TTY          TIME CMD
+root           1       0  0 08:51 ?        00:00:00 sleep infinity
+root          17       0  0 08:58 pts/0    00:00:00 /bin/bash
+root          25      17  0 08:58 pts/0    00:00:00 ps -ef
+root@cpu-pinning-test:/# taskset -p 1
+pid 1's current affinity mask: 1000000000000000100000000
+```
+
+This hexadecimal mask (1000000000000000100000000) might seem unusual, but it
+represents the binary equivalent: 0b1000000000000000100000000  
+In this binary representation, each '1' bit indicates a CPU core that the
+process is allowed to run on, while a '0' bit indicates a core the process
+cannot use. Counting from right to left (starting at 0), the '1' bits in this
+mask correspond to CPU cores 0 and 32\.
+
+Based on the output, the sleep infinity process (PID 1\) is indeed being pinned
+to specific CPU cores (0 and 32). This indicates that the CPU pinning is
+working correctly. 
+
+## Testing SR-IOV & DPDK in {{product}} 
+
+First check if SR-IOV Device Plugin pod is running and healthy in the cluster,
+if SR-IOV is allocatable in the worker node and the PCI IDs of the VFs
+available in the node (describing one of them to get further details):
+
+```
+sudo k8s kubectl get pods -n kube-system | grep sriov-device-plugin
+
+### Expected Output ###
+kube-sriov-device-plugin-7mxz5        1/1     Running   0          7m31s
+kube-sriov-device-plugin-fjzgt        1/1     Running   0          7m31s
+
+sudo k8s kubectl describe node pc6b-rb4-n3
+
+### Expected Output ###
+...
+Allocatable:
+  cpu:                              96
+  ephemeral-storage:                478444208Ki
+  hugepages-1Gi:                    1000Gi
+  hugepages-2Mi:                    0
+  intel.com/intel_sriov_dpdk:       118
+  intel.com/intel_sriov_netdevice:  10
+  memory:                           1064530020Ki
+  pods:                             110
+....
+
+lspci | grep Virtual
+98:11.0 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
+98:11.1 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
+98:11.2 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
+...
+99:00.5 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
+99:00.6 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
+99:00.7 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
+
+$ lspci -s 98:1f.2 -vv
+98:1f.2 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
+	Subsystem: Intel Corporation Ethernet Adaptive Virtual Function
+	Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx-
+	Status: Cap+ 66MHz- UDF- FastB2B- ParErr- DEVSEL=fast >TAbort- <TAbort- <MAbort- >SERR- <PERR- INTx-
+	NUMA node: 1
+	IOMMU group: 391
+	Region 0: Memory at d6e40000 (64-bit, prefetchable) [virtual] [size=128K]
+	Region 3: Memory at d81e8000 (64-bit, prefetchable) [virtual] [size=16K]
+	Capabilities: <access denied>
+	Kernel driver in use: vfio-pci
+	Kernel modules: iavf
+```
+
+Now, let’s create a test pod that will claim a network interface from the DPDK network:
+
+```
+$ cat <<EOF | sudo k8s kubectl apply -f -
+apiVersion: v1
+kind: Pod
+metadata:
+  name: sriov-test-pod
+  annotations:
+    k8s.v1.cni.cncf.io/networks: dpdk-net1 
+spec:
+  containers:
+    - name: sriov-test-container
+      image: ubuntu:latest
+      resources:
+        limits:
+          cpu: "10"
+          memory: "4000Mi"
+          intel.com/intel_sriov_dpdk: '1'
+          hugepages-1Gi: "16Gi"
+        requests:
+          cpu: "10"
+          memory: "4000Mi"
+          hugepages-1Gi: "16Gi"
+          intel.com/intel_sriov_dpdk: '1'
+      securityContext:
+        capabilities:
+          add:
+            - NET_ADMIN
+            - CAP_SYS_NICE
+            - SYS_NICE
+            - IPC_LOCK
+            - NET_ADMIN
+            - SYS_TIME
+            - CAP_NET_RAW
+            - CAP_BPF
+            - CAP_SYS_ADMIN
+            - SYS_ADMIN
+        privileged: true
+      command: ["bash", "-c", "sleep infinity"]
+EOF
+```
+
+Finally, describe the pod to confirm the DPDK network assignment and also the
+virtual function PCI ID (in this case, 0000:98:1f.2) that was assigned
+automatically to the net1 interface:
+
+```
+$ sudo k8s kubectl describe pod sriov-test-pod
+
+### Expected Output ###
+...
+                  k8s.v1.cni.cncf.io/network-status:
+                    [{
+                        "name": "k8s-pod-network",
+                        "ips": [
+                            "10.1.17.141"
+                        ],
+                        "default": true,
+                        "dns": {}
+                    },{
+                        "name": "default/dpdk-net1",
+                        "interface": "net1",
+                        "mac": "26:e4:aa:f4:ce:ba",
+                        "dns": {},
+                        "device-info": {
+                            "type": "pci",
+                            "version": "1.1.0",
+                            "pci": {
+                                "pci-address": "0000:98:1f.2"
+                            }
+                        }
+                    }]
+                  k8s.v1.cni.cncf.io/networks: dpdk-net1
+...
+
+```
+
+
+
+# References 
+
+* [How to enable Real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  
+* [Manage HugePages](https://kubernetes.io/docs/tasks/manage-hugepages/scheduling-hugepages/)  
+* [Utilising the NUMA-aware Memory Manager](https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/)  
+* [SR-IOV Network Device Plugin for Kubernetes](https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin)  
+* [VMware Telco Cloud Automation \- EPA](https://docs.vmware.com/en/VMware-Telco-Cloud-Automation/3.1.1/com-vmware-tca-userguide/GUID-3F4BA111-D344-4022-A635-7D5774385EF8.html)
+
+
+<!-- LINKS -->
+
+[MAAS]: 
\ No newline at end of file

From 34347b2db6d07d9dd1cb2cd08c6dade41bd1c037 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 9 Sep 2024 12:23:57 +0100
Subject: [PATCH 02/45] add to index

---
 docs/src/snap/howto/index.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/docs/src/snap/howto/index.md b/docs/src/snap/howto/index.md
index 3d78213aa..c7bf9da3b 100644
--- a/docs/src/snap/howto/index.md
+++ b/docs/src/snap/howto/index.md
@@ -20,6 +20,7 @@ networking/dualstack
 storage/index
 external-datastore
 proxy
+epa
 backup-restore
 refresh-certs
 restore-quorum

From 2db591946c576e23f6c216c4e7b33d0e54219b19 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 9 Sep 2024 14:12:45 +0100
Subject: [PATCH 03/45] add maas link

---
 docs/src/snap/howto/epa.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 3e79486e6..19b9fb9fe 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -1002,7 +1002,7 @@ $ sudo k8s kubectl describe pod sriov-test-pod
 
 
 
-# References 
+## References 
 
 * [How to enable Real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  
 * [Manage HugePages](https://kubernetes.io/docs/tasks/manage-hugepages/scheduling-hugepages/)  
@@ -1013,4 +1013,4 @@ $ sudo k8s kubectl describe pod sriov-test-pod
 
 <!-- LINKS -->
 
-[MAAS]: 
\ No newline at end of file
+[MAAS]: maas.io
\ No newline at end of file

From b19c2226a18db17c97dc0ae0739f5fd9d32b97e9 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 9 Sep 2024 14:23:07 +0100
Subject: [PATCH 04/45] code update

---
 docs/src/snap/howto/epa.md | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 19b9fb9fe..66578224b 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -966,13 +966,15 @@ EOF
 ```
 
 Finally, describe the pod to confirm the DPDK network assignment and also the
-virtual function PCI ID (in this case, 0000:98:1f.2) that was assigned
-automatically to the net1 interface:
+virtual function PCI ID (in this case, `0000:98:1f.2`) that was assigned
+automatically to the `net1` interface:
 
 ```
-$ sudo k8s kubectl describe pod sriov-test-pod
+sudo k8s kubectl describe pod sriov-test-pod
+```
 
-### Expected Output ###
+
+```
 ...
                   k8s.v1.cni.cncf.io/network-status:
                     [{
@@ -1002,7 +1004,7 @@ $ sudo k8s kubectl describe pod sriov-test-pod
 
 
 
-## References 
+## Further reading
 
 * [How to enable Real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  
 * [Manage HugePages](https://kubernetes.io/docs/tasks/manage-hugepages/scheduling-hugepages/)  

From 50c59745761c1309895f1fb627efeacb732cf529 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Tue, 10 Sep 2024 11:46:21 +0100
Subject: [PATCH 05/45] testing format

---
 docs/src/snap/howto/epa.md | 51 +++++++++++++++++++++++++++++---------
 1 file changed, 39 insertions(+), 12 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 66578224b..5ae483a34 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -597,20 +597,27 @@ sudo k8s kubectl create -f ./dpdk-nad.yaml
 
 ## Testing
 
-## Testing HugePages in {{product}} 
+It is important to verify that all of these enabled features are working as
+expected before relying on them. This section deals with how to verify
+everything is working as expected.
 
-Verify that HugePages are allocated on your Kubernetes nodes. You can do this by checking the node's capacity and allocatable resources:
+### Testing HugePages 
 
+Verify that HugePages are allocated on your Kubernetes nodes. You can do this
+by checking the node's capacity and allocatable resources:
+
+```
+sudo k8s kubectl get nodes
 ```
-$ sudo k8s kubectl get nodes
 
-### Expected Output ###
+```
+```
 NAME          STATUS   ROLES                  AGE   VERSION
 pc6b-rb4-n1   Ready    control-plane,worker   22h   v1.30.2
 pc6b-rb4-n3   Ready    worker                 22h   v1.30.2
-$ sudo k8s kubectl describe node pc6b-rb4-n3 | grep -E 'hugepages'
+```
 
-### Expected Output ###
+```
   hugepages-1Gi:      1000Gi
   hugepages-2Mi:      0
   hugepages-1Gi:      1000Gi
@@ -871,7 +878,7 @@ Based on the output, the sleep infinity process (PID 1\) is indeed being pinned
 to specific CPU cores (0 and 32). This indicates that the CPU pinning is
 working correctly. 
 
-## Testing SR-IOV & DPDK in {{product}} 
+### Testing SR-IOV & DPDK
 
 First check if SR-IOV Device Plugin pod is running and healthy in the cluster,
 if SR-IOV is allocatable in the worker node and the PCI IDs of the VFs
@@ -879,14 +886,24 @@ available in the node (describing one of them to get further details):
 
 ```
 sudo k8s kubectl get pods -n kube-system | grep sriov-device-plugin
+```
 
-### Expected Output ###
+This should indicate some running pods:
+
+```
 kube-sriov-device-plugin-7mxz5        1/1     Running   0          7m31s
 kube-sriov-device-plugin-fjzgt        1/1     Running   0          7m31s
+```
 
+Now check the VFs:
+
+```
 sudo k8s kubectl describe node pc6b-rb4-n3
+```
 
-### Expected Output ###
+This should indicate the presence of the SRIOV device:
+
+```
 ...
 Allocatable:
   cpu:                              96
@@ -898,8 +915,15 @@ Allocatable:
   memory:                           1064530020Ki
   pods:                             110
 ....
+```
+
+The virtual functions should also appear on th 
 
+```
 lspci | grep Virtual
+```
+
+```
 98:11.0 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
 98:11.1 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
 98:11.2 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
@@ -907,8 +931,10 @@ lspci | grep Virtual
 99:00.5 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
 99:00.6 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
 99:00.7 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
+```
 
-$ lspci -s 98:1f.2 -vv
+```
+lspci -s 98:1f.2 -vv
 98:1f.2 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
 	Subsystem: Intel Corporation Ethernet Adaptive Virtual Function
 	Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx-
@@ -922,10 +948,10 @@ $ lspci -s 98:1f.2 -vv
 	Kernel modules: iavf
 ```
 
-Now, let’s create a test pod that will claim a network interface from the DPDK network:
+Now, create a test pod that will claim a network interface from the DPDK network:
 
 ```
-$ cat <<EOF | sudo k8s kubectl apply -f -
+cat <<EOF | sudo k8s kubectl apply -f -
 apiVersion: v1
 kind: Pod
 metadata:
@@ -1004,6 +1030,7 @@ sudo k8s kubectl describe pod sriov-test-pod
 
 
 
+
 ## Further reading
 
 * [How to enable Real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  

From 530976fa61b264e3ebbd40ffbfbbbcf38d5507b2 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Tue, 10 Sep 2024 15:04:22 +0100
Subject: [PATCH 06/45] linting

---
 docs/src/snap/howto/epa.md | 32 +++++++++++++++++++++++---------
 1 file changed, 23 insertions(+), 9 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 5ae483a34..ada939c9b 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -2,7 +2,11 @@
 
 This section explains how to set up the EPA features in a {{product}} cluster. 
 
-The content starts with the setup of the environment (including steps for using [MAAS][]). Then the setup of {{product}}, including the Multus & SR-IOV/DPDK networking components. Finally, the steps needed to test every EPA feature: HugePages, Real-time Kernel, CPU Pinning / Numa Topology Awareness and SR-IOV/DPDK. 
+The content starts with the setup of the environment (including steps for using
+[MAAS][MAAS]). Then the setup of {{product}}, including the Multus & SR-IOV/DPDK
+networking components. Finally, the steps needed to test every EPA feature:
+HugePages, Real-time Kernel, CPU Pinning / Numa Topology Awareness and
+SR-IOV/DPDK. 
 
 ## What you'll need
 
@@ -386,19 +390,28 @@ Notes:
 
 ## {{product}} setup 
 
-{{product}} is delivered as a [snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/). 
+{{product}} is delivered as a 
+[snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/).
 
-This chapter explains how to set up a dual node {{product}} cluster for testing EPA capabilities.
+This section explains how to set up a dual node {{product}} cluster for testing
+EPA capabilities.
 
 ### Control plane and worker node 
 
-1. [Install the snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/howto/install/snap/) from the moonray track. The [beta channel](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/) is used at this point as the end configuration of the k8s snap is not finalised yet.
+1. [Install the
+   snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/howto/install/snap/)
+   from the moonray track. The [beta
+   channel](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/)
+   is used at this point as the end configuration of the k8s snap is not
+   finalised yet.
 
 ```
 sudo snap install k8s --classic --channel=1.30-moonray/beta
 ```
 
-2. Create a file called *configuration.yaml*. In this configuration file we let  the snap start with its default CNI (calico), with CoreDNS deployed and we also point k8s to the external etcd. 
+2. Create a file called *configuration.yaml*. In this configuration file we let
+   the snap start with its default CNI (calico), with CoreDNS deployed and we
+   also point k8s to the external etcd. 
 
 ```
 cluster-config:
@@ -617,6 +630,7 @@ pc6b-rb4-n1   Ready    control-plane,worker   22h   v1.30.2
 pc6b-rb4-n3   Ready    worker                 22h   v1.30.2
 ```
 
+
 ```
   hugepages-1Gi:      1000Gi
   hugepages-2Mi:      0
@@ -703,10 +717,10 @@ The output of cyclictest will provide statistics like:
 
 Create a pod that will run cyclictest tool with specific options:
 
-* -l 1000000: Sets the number of test iterations to 1 million.  
-* -m: Measures the maximum latency.  
-* -p 80: Sets the real-time scheduling priority to 80 (a high priority, typically used for real-time tasks).  
-* -t 1: Specifies CPU core 1 to be used for the test.
+- `-l 1000000`: Sets the number of test iterations to 1 million.  
+- `-m`: Measures the maximum latency.  
+- `-p 80`: Sets the real-time scheduling priority to 80 (a high priority, typically used for real-time tasks).  
+- `-t 1`: Specifies CPU core 1 to be used for the test.
 
 ```
 cat <<EOF | sudo k8s kubectl apply -f -

From d51771966a7ff5cf39b71823917c3887972def14 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Tue, 10 Sep 2024 15:07:16 +0100
Subject: [PATCH 07/45] format fixes

---
 docs/src/snap/howto/epa.md | 22 ++++++++++++----------
 1 file changed, 12 insertions(+), 10 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index ada939c9b..82d02544a 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -744,7 +744,9 @@ Get the pod logs to verify that the test is running:
 ```
 sudo k8s kubectl logs realtime-kernel-test -f
 
-### Expected Output ###
+```
+
+```
 ...
 # /dev/cpu_dma_latency set to 0us
 policy: fifo: loadavg: 7.92 8.34 9.32 1/3698 2965
@@ -754,15 +756,15 @@ T: 0 ( 2965) P:80 I:1000 C: 241486 Min:      3 Act:    4 Avg:    3 Max:      18
 
 ```{dropdown} Explanation of output
 
-* /dev/cpu\_dma\_latency set to 0us: This line indicates that the CPU DMA (Direct Memory Access) latency has been set to 0 microseconds. This setting is relevant for real-time systems as it controls how long a device can hold the CPU bus during a DMA transfer.  
-* policy: fifo: This means the scheduling policy for the cyclictest thread is set to FIFO (First In, First Out). In FIFO scheduling, the highest priority task that is ready to run gets the CPU first and continues running until it is blocked or voluntarily yields the CPU.  
-* loadavg: 7.92 8.34 9.32 1/3698 2965: This shows the load average of your system over the last 1, 5, and 15 minutes. The numbers are quite high, indicating that your system is under significant load. This can potentially affect the latency measurements.  
-* T: 0 ( 2965\) P:80 I:1000 C: 241486:  
-  * T: 0: The number of the CPU core the test was run on (CPU 0 in this case).  
-  * (2965): The PID (Process ID) of the cyclictest process.  
-  * P:80: The priority of the cyclictest thread.  
-  * I:1000: The number of iterations (loops) the test ran for (1000 in this case).  
-  * C: 241486: The number of cycles per second that the test has aimed for.  
+- `/dev/cpu_dma\_latency set to 0us`: This line indicates that the CPU DMA (Direct Memory Access) latency has been set to 0 microseconds. This setting is relevant for real-time systems as it controls how long a device can hold the CPU bus during a DMA transfer.  
+- `policy: fifo`: This means the scheduling policy for the cyclictest thread is set to FIFO (First In, First Out). In FIFO scheduling, the highest priority task that is ready to run gets the CPU first and continues running until it is blocked or voluntarily yields the CPU.  
+- `loadavg: 7.92 8.34 9.32 1/3698 2965:` This shows the load average of your system over the last 1, 5, and 15 minutes. The numbers are quite high, indicating that your system is under significant load. This can potentially affect the latency measurements.  
+- `T: 0 ( 2965) P:80 I:1000 C: 241486`:  
+  - T: 0: The number of the CPU core the test was run on (CPU 0 in this case).  
+  - (2965): The PID (Process ID) of the cyclictest process.  
+  - P:80: The priority of the cyclictest thread.  
+  - I:1000: The number of iterations (loops) the test ran for (1000 in this case).  
+  - C: 241486: The number of cycles per second that the test has aimed for.  
 * Min: 3 Act: 4 Avg: 3 Max: 18: These are the key latency statistics in microseconds (us):  
   * Min: The minimum latency observed during the test (3 us).  
   * Act: The actual average latency (4 us).  

From ad0fd417f631a4326ec44d8c1dccaaabb3b67106 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Tue, 10 Sep 2024 18:59:01 +0100
Subject: [PATCH 08/45] Update docs/src/snap/howto/epa.md

Co-authored-by: Louise K. Schmidtgen <louise.schmidtgen@canonical.com>
---
 docs/src/snap/howto/epa.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 82d02544a..df14dc792 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -11,7 +11,7 @@ SR-IOV/DPDK.
 ## What you'll need
 
 - An Ubuntu Pro subscription (required for real-time kernel)
-- Ubuntu instances **or** a MAAS environment to run {product} on 
+- Ubuntu instances **or** a MAAS environment to run {{product}} on 
 
 
 ## Prepare the Environment 

From 69676269cf682adf96953ebd23e9495c36aa190f Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Tue, 10 Sep 2024 19:51:37 +0100
Subject: [PATCH 09/45] Update docs/src/snap/howto/epa.md

Co-authored-by: Louise K. Schmidtgen <louise.schmidtgen@canonical.com>
---
 docs/src/snap/howto/epa.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index df14dc792..64265c08d 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -205,7 +205,7 @@ virtual functions.
 ```
 
 
-* Now let’s enable DPDK, first by cloning the DPDK repo, and then placing the script that will bind the VFs to the VFIO-PCI driver in the location that will run automatically each time the system boots up, so the VFIO (Virtual Function I/O) bindings are applied consistently:
+Now let’s enable DPDK, first by cloning the DPDK repo, and then placing the script that will bind the VFs to the VFIO-PCI driver in the location that will run automatically each time the system boots up, so the VFIO (Virtual Function I/O) bindings are applied consistently:
 
 ```
 git clone https://github.com/DPDK/dpdk.git /home/ubuntu/dpdk

From 936bd09bbd8cfe54e60fa5794b0ecec3d601ad59 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Tue, 10 Sep 2024 19:52:02 +0100
Subject: [PATCH 10/45] Update docs/src/snap/howto/epa.md

Co-authored-by: Louise K. Schmidtgen <louise.schmidtgen@canonical.com>
---
 docs/src/snap/howto/epa.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 64265c08d..363c3789e 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -1,6 +1,6 @@
 # How to set up Enhanced Platform Awareness
 
-This section explains how to set up the EPA features in a {{product}} cluster. 
+This section explains how to set up the Enhanced Platform Awareness (EPA) features in a {{product}} cluster. 
 
 The content starts with the setup of the environment (including steps for using
 [MAAS][MAAS]). Then the setup of {{product}}, including the Multus & SR-IOV/DPDK

From b21af46dda1b4f0ceaa7ca5763acb99f54345f1c Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Fri, 13 Sep 2024 14:43:03 +0100
Subject: [PATCH 11/45] review fixes

---
 docs/src/snap/howto/epa.md | 24 ++++++++++++++----------
 1 file changed, 14 insertions(+), 10 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 363c3789e..0e799877d 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -611,7 +611,7 @@ sudo k8s kubectl create -f ./dpdk-nad.yaml
 ## Testing
 
 It is important to verify that all of these enabled features are working as
-expected before relying on them. This section deals with how to verify
+expected before relying on them. This section confirms that
 everything is working as expected.
 
 ### Testing HugePages 
@@ -623,7 +623,8 @@ by checking the node's capacity and allocatable resources:
 sudo k8s kubectl get nodes
 ```
 
-```
+This should return the available nodes
+
 ```
 NAME          STATUS   ROLES                  AGE   VERSION
 pc6b-rb4-n1   Ready    control-plane,worker   22h   v1.30.2
@@ -640,9 +641,9 @@ pc6b-rb4-n3   Ready    worker                 22h   v1.30.2
   hugepages-2Mi      0 (0%)      0 (0%)
 ```
 
-So we have 1000 huge pages of 1Gi size each and we have a worker node labelled
-properly. Then you can create a Pod that explicitly requests one 1G Huge Page
-in its resource limits:
+So this example has 1000 huge pages of 1Gi size each and we have a worker node
+labelled properly. Then you can create a Pod that explicitly requests one 1G
+Huge Page in its resource limits:
 
 ```
 cat <<EOF | sudo k8s kubectl apply -f -
@@ -664,17 +665,20 @@ spec:
 EOF
 ```
 
-Note: To ensure proper resource management and prevent conflicts, Kubernetes
+```{note} 
+To ensure proper resource management and prevent conflicts, Kubernetes
 enforces that a pod requesting HugePages also explicitly requests a minimum
-amount of either CPU or standard memory resources.
+Now, ensure that the `1Gi` HugePage is allocated in the pod:
+```
 
-Now, let’s check if the 1 Gi HugePage was allocated in the pod:
+Now ensure that the 1Gi HugePage is allocated in the pod:
 
 ```
 sudo k8s kubectl describe pod hugepage-test-ubuntu
 ``` 
 
-This should produce output indicating the request:
+The output should reflect the HugePage request:
+
 
 ```
 ....
@@ -688,7 +692,7 @@ This should produce output indicating the request:
 
 ```
 
-## Testthe real-time kernel
+## Test the real-time kernel
 
 First, verify that real-time kernel is enabled in the worker node by checking
 if “PREEMPT RT” appears after running the `uname -a` command:

From 95dfbe9f329b98efba52f664044b1bd150b9c1e5 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Fri, 13 Sep 2024 15:40:34 +0100
Subject: [PATCH 12/45] formatting/comment fixes

---
 docs/src/snap/howto/epa.md | 104 +++++++++++++++++++++----------------
 1 file changed, 60 insertions(+), 44 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 0e799877d..1a69b9299 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -49,6 +49,8 @@ membind: 0 1
 
 ### Enable the real-time kernel
 
+The real-time kernel enablement requires an ubuntu pro subscription and some additional tools to be available.
+
 ```
 sudo pro attach
 sudo apt update && sudo apt install ubuntu-advantage-tools
@@ -135,6 +137,7 @@ Once the reboot has taken place, ensure the HugePages configuration has been app
 ```
 grep HugePages /proc/meminfo
 ```
+
 This should  generate output indicating the number of pages allocated
 
 ```
@@ -148,19 +151,20 @@ HugePages_Surp:        0
 Next, create a configuration file to configure the network interface 
 to use SR-IOV (so it can create virtual functions afterwards) using 
 Netplan. In the example below the file is created first, then the configuration is
-applied and then the 128 virtual functions are available for use in the environment:
+applied, making  128 virtual functions available for use in the environment:
 
 ```
 cat <<EOF > /etc/netplan/99-sriov_vfs.yaml
-      network:
-          ethernets:
-              enp152s0f1:
-                  virtual-function-count: 128
+  network:
+    ethernets:
+      enp152s0f1:
+        virtual-function-count: 128
 EOF
 sudo chmod 0600 /etc/netplan/99-sriov_vfs.yaml
 sudo netplan apply
 ip link show enp152s0f1
 ```
+
 The output of the last command should indicate the device is working and has generated the expected
 virtual functions.
 
@@ -175,6 +179,7 @@ virtual functions.
     vf 126     link/ether 66:fe:ad:f2:d3:05 brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
     vf 127     link/ether ca:20:00:c6:83:dd brd ff:ff:ff:ff:ff:ff, spoof checking on, link-state auto, trust off
 ```
+
 ```{dropdown} Explanation of steps
   * Breakdown of the content of the file /etc/netplan/99-sriov\_vfs.yaml :  
     * path: /etc/netplan/99-sriov\_vfs.yaml: This specifies the location of the configuration file. The "99" prefix in the filename usually indicates that it will be processed last, potentially overriding other configurations.  
@@ -205,7 +210,10 @@ virtual functions.
 ```
 
 
-Now let’s enable DPDK, first by cloning the DPDK repo, and then placing the script that will bind the VFs to the VFIO-PCI driver in the location that will run automatically each time the system boots up, so the VFIO (Virtual Function I/O) bindings are applied consistently:
+Now enable DPDK, first by cloning the DPDK repo, and then placing the script which
+will bind the VFs to the VFIO-PCI driver in the location that will run
+automatically each time the system boots up, so the VFIO
+(Virtual Function I/O) bindings are applied consistently:
 
 ```
 git clone https://github.com/DPDK/dpdk.git /home/ubuntu/dpdk
@@ -218,6 +226,7 @@ cat <<EOF > /var/lib/cloud/scripts/per-boot/dpdk_bind.sh
       fi
 sudo chmod 0755 /var/lib/cloud/scripts/per-boot/dpdk_bind.sh
 ```
+
 ```{dropdown} Explanation 
   * Load VFIO Module (modprobe vfio-pci): If the DPDK directory exists, the script loads the VFIO-PCI kernel module. This module is necessary for the VFIO driver to function.  
   * The script uses the dpdk-devbind.py tool (included with DPDK) to list the available network devices and their drivers.  
@@ -262,17 +271,19 @@ Network devices using DPDK-compatible driver
 
 With these preparation steps we have enabled the features of EPA:
 
-* NUMA and CPU Pinning are available to the first 32 CPUs  
-* Real-Time Kernel is enabled  
-* HugePages are enabled and 1000 1G huge pages are available   
-* SRIOV is enabled in the enp152s0f1 interface, with 128 virtual function interfaces bound to the vfio-pci driver (that could also use the iavf driver)  
-* DPDK is enabled in all the 128 virtual function interfaces
+- NUMA and CPU Pinning are available to the first 32 CPUs  
+- Real-Time Kernel is enabled  
+- HugePages are enabled and 1000 1G huge pages are available   
+- SRIOV is enabled in the enp152s0f1 interface, with 128 virtual 
+  function interfaces bound to the vfio-pci driver (that could also use the iavf driver)  
+- DPDK is enabled in all the 128 virtual function interfaces
 
 ````
 
 ````{group-tab} MAAS
 
-To prepare a machine for CPU isolation, Hugepages, real-time kernel, SRIOV and DPDK we leverage cloud-init through MAAS.
+To prepare a machine for CPU isolation, Hugepages, real-time kernel, 
+SRIOV and DPDK we leverage cloud-init through MAAS.
 
 ```
 #cloud-config
@@ -400,7 +411,7 @@ EPA capabilities.
 
 1. [Install the
    snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/howto/install/snap/)
-   from the moonray track. The [beta
+   from the relevant track, currently `{{track}}`. The [beta
    channel](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/)
    is used at this point as the end configuration of the k8s snap is not
    finalised yet.
@@ -413,12 +424,13 @@ sudo snap install k8s --classic --channel=1.30-moonray/beta
    the snap start with its default CNI (calico), with CoreDNS deployed and we
    also point k8s to the external etcd. 
 
-```
+```yaml
 cluster-config:
   network:
     enabled: true
   dns:
-    enabled: true  local-storage:
+    enabled: true
+  local-storage:
     enabled: true
 extra-node-kubelet-args:
   --reserved-cpus: "0-31"
@@ -497,45 +509,47 @@ the thin flavor)
 sudo k8s kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/deployments/multus-daemonset-thick.yml
 ```
 
-Note: the memory limits for the multus pod spec in the DaemonSet should be
+```{note} 
+The memory limits for the multus pod spec in the DaemonSet should be
 increased (i.e. to 500Mi instead 50Mi) to avoid OOM issues when deploying
 multiple workload pods in parallel.
+```
 
 #### SRIOV Network Device Plugin 
 
-* Create sriov-dp.yaml configMap
+Create sriov-dp.yaml configMap:
 
 ```
 cat <<EOF | tee sriov-dp.yaml
 apiVersion: v1
 kind: ConfigMap
 metadata:
- name: sriovdp-config
- namespace: kube-system
+  name: sriovdp-config
+  namespace: kube-system
 data:
- config.json: |
-   {
-       "resourceList": [{
-               "resourceName": "intel_sriov_netdevice",
-               "selectors": [{
-                   "vendors": ["8086"],
-                   "devices": ["1889"],
-                   "drivers": ["iavf"]
-               }]
-           },
-           {
-               "resourceName": "intel_sriov_dpdk",
-               "resourcePrefix": "intel.com",
-               "selectors": [{
-                   "vendors": ["8086"],
-                   "devices": ["1889"],
-                   "drivers": ["vfio-pci"],
-                   "pfNames": ["enp152s0f1"],
-                   "needVhostNet": true
-               }]
-           }
-       ]
-   }
+  config.json: |
+    {
+      "resourceList": [{
+        "resourceName": "intel_sriov_netdevice",
+        "selectors": [{
+          "vendors": ["8086"],
+          "devices": ["1889"],
+          "drivers": ["iavf"]
+          }]
+        },
+        {
+        "resourceName": "intel_sriov_dpdk",
+        "resourcePrefix": "intel.com",
+        "selectors": [{
+            "vendors": ["8086"],
+            "devices": ["1889"],
+            "drivers": ["vfio-pci"],
+            "pfNames": ["enp152s0f1"],
+            "needVhostNet": true
+            }]
+        }
+      ]
+    }
 EOF
 ```
 
@@ -553,13 +567,15 @@ sudo k8s kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg
 
 #### SRIOV CNI 
 
+Install the SRIOV CNI daemonset:
+
 ```
 sudo k8s kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/sriov-cni/master/images/sriov-cni-daemonset.yaml
 ```
 
 #### Multus NetworkAttachmentDefinition 
 
-Create the sriov-nad.yaml NetworkAttachmentDefinition
+Create the sriov-nad.yaml NetworkAttachmentDefinition:
 
 ```
 cat <<EOF | tee sriov-nad.yaml
@@ -719,7 +735,7 @@ The output of cyclictest will provide statistics like:
 * Minimum latency: The shortest observed cycle time.  
 * Maximum latency: The longest observed cycle time.
 
-Create a pod that will run cyclictest tool with specific options:
+Create a pod that will run the cyclictest tool with specific options:
 
 - `-l 1000000`: Sets the number of test iterations to 1 million.  
 - `-m`: Measures the maximum latency.  

From 35fcec0a4145ae484a90dbfe15cb7e68fc49af00 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Fri, 13 Sep 2024 15:53:59 +0100
Subject: [PATCH 13/45] fix headings

---
 docs/src/snap/howto/epa.md | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 1a69b9299..72f3c0bbf 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -630,7 +630,7 @@ It is important to verify that all of these enabled features are working as
 expected before relying on them. This section confirms that
 everything is working as expected.
 
-### Testing HugePages 
+### Test HugePages 
 
 Verify that HugePages are allocated on your Kubernetes nodes. You can do this
 by checking the node's capacity and allocatable resources:
@@ -708,7 +708,7 @@ The output should reflect the HugePage request:
 
 ```
 
-## Test the real-time kernel
+### Test the real-time kernel
 
 First, verify that real-time kernel is enabled in the worker node by checking
 if “PREEMPT RT” appears after running the `uname -a` command:
@@ -796,7 +796,7 @@ T: 0 ( 2965) P:80 I:1000 C: 241486 Min:      3 Act:    4 Avg:    3 Max:      18
 
 ```
 
-## Testing CPU Pinning and NUMA Topology Awareness in {{product}}
+### Test CPU Pinning and NUMA 
 
 First check if CPU Manager and NUMA Topology Manager is set up in the worker node:
 
@@ -835,9 +835,13 @@ Now let’s label the node with information about the available CPU/NUMA nodes,
 ```
 sudo k8s kubectl label node pc6b-rb4-n3 topology.kubernetes.io/zone=NUMA
 
-### Expected Output ###
+```
+
+```
 node/pc6b-rb4-n3 labeled
+```
 
+```
 $ cat <<EOF | sudo k8s kubectl apply -f -
 apiVersion: v1
 kind: Pod
@@ -883,7 +887,7 @@ sudo k8s kubectl describe node pc6b-rb4-n3
 sudo k8s kubectl describe pod cpu-pinning-test
 ```
 
-### Expected Output ###
+```
 ...
     Limits:
       cpu:     2
@@ -892,7 +896,11 @@ sudo k8s kubectl describe pod cpu-pinning-test
       cpu:        2
       memory:     512Mi
 ...
+```
 
+<!-- this needs to be explained -->
+
+```
 sudo k8s kubectl exec -ti cpu-pinning-test -- /bin/bash
 root@cpu-pinning-test:/# ps -ef
 UID          PID    PPID  C STIME TTY          TIME CMD
@@ -914,7 +922,7 @@ Based on the output, the sleep infinity process (PID 1\) is indeed being pinned
 to specific CPU cores (0 and 32). This indicates that the CPU pinning is
 working correctly. 
 
-### Testing SR-IOV & DPDK
+### Test SR-IOV & DPDK
 
 First check if SR-IOV Device Plugin pod is running and healthy in the cluster,
 if SR-IOV is allocatable in the worker node and the PCI IDs of the VFs
@@ -1066,7 +1074,6 @@ sudo k8s kubectl describe pod sriov-test-pod
 
 
 
-
 ## Further reading
 
 * [How to enable Real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  
@@ -1078,4 +1085,4 @@ sudo k8s kubectl describe pod sriov-test-pod
 
 <!-- LINKS -->
 
-[MAAS]: maas.io
\ No newline at end of file
+[MAAS]: https://maas.io
\ No newline at end of file

From c6539cb3a386d24787f0aac2b1769d281bcb73df Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Fri, 13 Sep 2024 18:23:28 +0100
Subject: [PATCH 14/45] formatting

---
 docs/src/snap/howto/epa.md | 40 +++++++++++++++++++-------------------
 1 file changed, 20 insertions(+), 20 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 72f3c0bbf..945c309fd 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -452,7 +452,7 @@ After a few seconds you can query the API server with:
 sudo k8s kubectl get all -A
 ```
 
-### Second k8s node as worker 
+### Add second k8s node as worker 
 
 1. Install the k8s snap on the second node
 
@@ -483,7 +483,7 @@ sudo k8s join-cluster --file configuration.yaml <token-generated-on-the-control-
 ```
 
 
-### Verify the two node cluster is ready 
+#### Verify the two node cluster is ready 
 
 After a few seconds the second worker node will register with the control
 plane. You can query the available workers from the first node:
@@ -729,11 +729,11 @@ it takes for a thread to cycle between high and low priority states, giving you
 an indication of the system's responsiveness to real-time events.  Lower
 latencies typically indicate better real-time performance.
 
-The output of cyclictest will provide statistics like:
+The output of cyclictest will provide statistics including:
 
-* Average latency: The average time taken for a cycle.  
-* Minimum latency: The shortest observed cycle time.  
-* Maximum latency: The longest observed cycle time.
+- Average latency: The average time taken for a cycle.  
+- Minimum latency: The shortest observed cycle time.  
+- Maximum latency: The longest observed cycle time.
 
 Create a pod that will run the cyclictest tool with specific options:
 
@@ -759,7 +759,7 @@ spec:
 EOF
 ```
 
-Get the pod logs to verify that the test is running:
+Confirm that the test is running by checking the pod's logs:
 
 ```
 sudo k8s kubectl logs realtime-kernel-test -f
@@ -780,19 +780,19 @@ T: 0 ( 2965) P:80 I:1000 C: 241486 Min:      3 Act:    4 Avg:    3 Max:      18
 - `policy: fifo`: This means the scheduling policy for the cyclictest thread is set to FIFO (First In, First Out). In FIFO scheduling, the highest priority task that is ready to run gets the CPU first and continues running until it is blocked or voluntarily yields the CPU.  
 - `loadavg: 7.92 8.34 9.32 1/3698 2965:` This shows the load average of your system over the last 1, 5, and 15 minutes. The numbers are quite high, indicating that your system is under significant load. This can potentially affect the latency measurements.  
 - `T: 0 ( 2965) P:80 I:1000 C: 241486`:  
-  - T: 0: The number of the CPU core the test was run on (CPU 0 in this case).  
-  - (2965): The PID (Process ID) of the cyclictest process.  
-  - P:80: The priority of the cyclictest thread.  
-  - I:1000: The number of iterations (loops) the test ran for (1000 in this case).  
-  - C: 241486: The number of cycles per second that the test has aimed for.  
-* Min: 3 Act: 4 Avg: 3 Max: 18: These are the key latency statistics in microseconds (us):  
-  * Min: The minimum latency observed during the test (3 us).  
-  * Act: The actual average latency (4 us).  
-  * Avg: The expected average latency (3us).  
-  * Max: The maximum latency observed during the test (18 us).  
-* In this case, the results suggest the following:  
-  * Low Latencies: The minimum, average, and maximum latencies are all very low (3-18 us), which is a good sign for real-time performance. It indicates that your real-time kernel is responding promptly to events.  
-  * High Load: The high load average indicates that your system is busy, but even under this load, the real-time kernel is maintaining low latencies for the high-priority cyclictest thread.
+  - `T: 0`: The number of the CPU core the test was run on (CPU 0 in this case).  
+  - `(2965)`: The PID (Process ID) of the cyclictest process.  
+  - `P:80`: The priority of the cyclictest thread.  
+  - `I:1000`: The number of iterations (loops) the test ran for (1000 in this case).  
+  - `C: 241486`: The number of cycles per second that the test has aimed for.  
+- `Min: 3 Act: 4 Avg: 3 Max: 18`: These are the key latency statistics in microseconds (us):  
+  - `Min`: The minimum latency observed during the test (3 us).  
+  - `Act`: The actual average latency (4 us).  
+  - `Avg`: The expected average latency (3us).  
+  - `Max`: The maximum latency observed during the test (18 us).  
+- In this case, the results suggest the following:  
+  - Low Latencies: The minimum, average, and maximum latencies are all very low (3-18 us), which is a good sign for real-time performance. It indicates that your real-time kernel is responding promptly to events.  
+  - High Load: The high load average indicates that your system is busy, but even under this load, the real-time kernel is maintaining low latencies for the high-priority cyclictest thread.
 
 ```
 

From 70e6ebafe1c97ecd339a03aa9f3c6347abcca41e Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Fri, 13 Sep 2024 18:29:19 +0100
Subject: [PATCH 15/45] formatting

---
 docs/src/snap/howto/epa.md | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 945c309fd..b9db9de2a 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -808,20 +808,22 @@ ps -ef | grep /snap/k8s/678/bin/kubelet
 root        9139       1  1 Jul17 ?        00:20:03 /snap/k8s/678/bin/kubelet --anonymous-auth=false --authentication-token-webhook=true --authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/client-ca.crt --cluster-dns=10.152.183.97 --cluster-domain=cluster.local --container-runtime-endpoint=/var/snap/k8s/common/run/containerd.sock --containerd=/var/snap/k8s/common/run/containerd.sock --cpu-manager-policy=static --eviction-hard=memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi --fail-swap-on=false --kubeconfig=/etc/kubernetes/kubelet.conf --node-ip=10.18.2.153 --node-labels=node-role.kubernetes.io/worker=,k8sd.io/role=worker --read-only-port=0 --register-with-taints= --reserved-cpus=0-31 --root-dir=/var/lib/kubelet --serialize-image-pulls=false --tls-cert-file=/etc/kubernetes/pki/kubelet.crt --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384 --tls-private-key-file=/etc/kubernetes/pki/kubelet.key --topology-manager-policy=best-effort
 ```
 
-Breakdown:
+```{dropdown} Explanation of output
 
 * \--cpu-manager-policy=static : This flag within the Kubelet command line arguments explicitly tells us that the CPU Manager is active and using the static policy. Here's what this means:  
   * CPU Manager:  This is a component of Kubelet that manages how CPU resources are allocated to pods running on a node.  
   * Static Policy:  This policy is designed to provide stricter control over CPU allocation. With the static policy, you can request integer CPUs for your containers (e.g., 1, 2, etc.), and {{product}} will try to assign them to dedicated CPU cores on the node, providing a greater degree of isolation and predictability.  
 * \--reserved-cpus=0-31: This line indicates that no CPUs are reserved for the Kubelet or system processes. This implies that all CPUs might be available for pod scheduling, depending on the cluster's overall resource allocation strategy.  
 * \--topology-manager-policy=best-effort: This flag sets the topology manager policy to "best-effort." The topology manager helps optimise pod placement on nodes by considering factors like NUMA nodes, CPU cores, and devices. The "best-effort" policy tries to place pods optimally, but it doesn't enforce strict requirements.
+```
 
 You can also confirm the total number of NUMA CPUs available in the worker node:
 
 ```
 lscpu
+```
 
-### Expected Output ###
+```
 ....
 NUMA:
   NUMA node(s):           2

From 08814fb16988e7710f9a4f320ac67ba05455089a Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Fri, 13 Sep 2024 18:55:53 +0100
Subject: [PATCH 16/45] add version and track

---
 docs/tools/reuse/substitutions.yaml | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/docs/tools/reuse/substitutions.yaml b/docs/tools/reuse/substitutions.yaml
index 41fd9e08e..c88e1f482 100644
--- a/docs/tools/reuse/substitutions.yaml
+++ b/docs/tools/reuse/substitutions.yaml
@@ -1,4 +1,6 @@
 product: 'Canonical Kubernetes'
+version: '1.31'
+track: '1.31/edge'
 multi_line_example: |-
   *Multi-line* text
    that uses basic **markup**.

From 5b725d4807c0216a09e1e9576ad095dd16520fe5 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Sun, 15 Sep 2024 18:27:28 +0100
Subject: [PATCH 17/45] fix moonray refs

---
 docs/src/_parts/install.md          |  3 +
 docs/src/snap/howto/epa.md          | 97 +++++++++++++++--------------
 docs/tools/reuse/substitutions.yaml |  2 +-
 3 files changed, 55 insertions(+), 47 deletions(-)
 create mode 100644 docs/src/_parts/install.md

diff --git a/docs/src/_parts/install.md b/docs/src/_parts/install.md
new file mode 100644
index 000000000..be6b47317
--- /dev/null
+++ b/docs/src/_parts/install.md
@@ -0,0 +1,3 @@
+```
+sudo snap install k8s --classic --channel=1.31/edge
+```
\ No newline at end of file
diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index b9db9de2a..62f47d4e1 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -370,7 +370,7 @@ write_files:
 # install the snap
 snap:
   commands:
-    00: 'snap install k8s --classic --channel=1.30-moonray/beta'
+    00: 'snap install k8s --classic --channel=1.31/beta'
 
 runcmd:
 # fetch dpdk driver binding script
@@ -411,40 +411,43 @@ EPA capabilities.
 
 1. [Install the
    snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/howto/install/snap/)
-   from the relevant track, currently `{{track}}`. The [beta
-   channel](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/)
-   is used at this point as the end configuration of the k8s snap is not
-   finalised yet.
+   from the relevant [channel][channel]. 
+   ```{note}
+   A pre-release channel is required currently until there is a finalised release of {{product}}.
+   ```
 
-```
-sudo snap install k8s --classic --channel=1.30-moonray/beta
-```
+   For example:
+
+   <!-- This uses a generic include for this branch to insert the standard 
+   install command-->
+   ```{include} ../../_parts/install.md
+   ```
 
 2. Create a file called *configuration.yaml*. In this configuration file we let
    the snap start with its default CNI (calico), with CoreDNS deployed and we
    also point k8s to the external etcd. 
 
-```yaml
-cluster-config:
-  network:
-    enabled: true
-  dns:
-    enabled: true
-  local-storage:
-    enabled: true
-extra-node-kubelet-args:
-  --reserved-cpus: "0-31"
-  --cpu-manager-policy: "static"
-  --topology-manager-policy: "best-effort"
-```
+   ```yaml
+   cluster-config:
+     network:
+       enabled: true
+     dns:
+       enabled: true
+     local-storage:
+       enabled: true
+   extra-node-kubelet-args:
+     --reserved-cpus: "0-31"
+     --cpu-manager-policy: "static"
+     --topology-manager-policy: "best-effort"
+   ```
 
 3. Bootstrap {{product}} using the above configuration file.
 
-```
-sudo k8s bootstrap --file configuration.yaml
-```
+   ```
+   sudo k8s bootstrap --file configuration.yaml
+   ```
 
-#### Verify control plane node is up
+#### Verify the control plane node is running
 
 After a few seconds you can query the API server with:
 
@@ -452,35 +455,34 @@ After a few seconds you can query the API server with:
 sudo k8s kubectl get all -A
 ```
 
-### Add second k8s node as worker 
+### Add a second k8s node as a worker 
 
 1. Install the k8s snap on the second node
 
-```
-sudo snap install k8s --classic --channel=1.30-moonray/beta
-```
+   ```{include} ../../_parts/install.md
+   ```
 
 2. On the control plane node generate a join token to be used for joining the
    second node
 
-```
-sudo k8s get-join-token --worker
-```
+   ```
+   sudo k8s get-join-token --worker
+   ```
 
 3. On the worker node create the configuration.yaml file
 
-```
-extra-node-kubelet-args:
-  --reserved-cpus: "0-31"
-  --cpu-manager-policy: "static"
-  --topology-manager-policy: "best-effort"
-```
+   ```
+   extra-node-kubelet-args:
+     --reserved-cpus: "0-31"
+     --cpu-manager-policy: "static"
+     --topology-manager-policy: "best-effort"
+   ```
 
 4. On the worker node use the token to join the cluster
 
-```
-sudo k8s join-cluster --file configuration.yaml <token-generated-on-the-control-plane-node>
-```
+   ```
+   sudo k8s join-cluster --file configuration.yaml <token-generated-on-the-control-plane-node>
+   ```
 
 
 #### Verify the two node cluster is ready 
@@ -496,8 +498,8 @@ The output should list the connected nodes:
 
 ```
 NAME          STATUS   ROLES                  AGE   VERSION
-pc6b-rb4-n1   Ready    control-plane,worker   22h   v1.30.2
-pc6b-rb4-n3   Ready    worker                 22h   v1.30.2
+pc6b-rb4-n1   Ready    control-plane,worker   22h   v1.31.0
+pc6b-rb4-n3   Ready    worker                 22h   v1.31.0
 ```
 
 ### Multus and SRIOV setup 
@@ -844,7 +846,7 @@ node/pc6b-rb4-n3 labeled
 ```
 
 ```
-$ cat <<EOF | sudo k8s kubectl apply -f -
+cat <<EOF | sudo k8s kubectl apply -f -
 apiVersion: v1
 kind: Pod
 metadata:
@@ -1045,6 +1047,8 @@ automatically to the `net1` interface:
 sudo k8s kubectl describe pod sriov-test-pod
 ```
 
+The output (shown truncated below) should indicate the interface and
+the correct PCI address:
 
 ```
 ...
@@ -1078,7 +1082,7 @@ sudo k8s kubectl describe pod sriov-test-pod
 
 ## Further reading
 
-* [How to enable Real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  
+* [How to enable real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  
 * [Manage HugePages](https://kubernetes.io/docs/tasks/manage-hugepages/scheduling-hugepages/)  
 * [Utilising the NUMA-aware Memory Manager](https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/)  
 * [SR-IOV Network Device Plugin for Kubernetes](https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin)  
@@ -1087,4 +1091,5 @@ sudo k8s kubectl describe pod sriov-test-pod
 
 <!-- LINKS -->
 
-[MAAS]: https://maas.io
\ No newline at end of file
+[MAAS]: https://maas.io
+[channel]: https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/
\ No newline at end of file
diff --git a/docs/tools/reuse/substitutions.yaml b/docs/tools/reuse/substitutions.yaml
index c88e1f482..51923e7f0 100644
--- a/docs/tools/reuse/substitutions.yaml
+++ b/docs/tools/reuse/substitutions.yaml
@@ -1,6 +1,6 @@
 product: 'Canonical Kubernetes'
 version: '1.31'
-track: '1.31/edge'
+channel: '1.31/edge'
 multi_line_example: |-
   *Multi-line* text
    that uses basic **markup**.

From 7ec4e8af248f0358d9464042c298c3df80f44413 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Sun, 15 Sep 2024 18:43:12 +0100
Subject: [PATCH 18/45] Update docs/src/snap/howto/epa.md

Co-authored-by: Louise K. Schmidtgen <louise.schmidtgen@canonical.com>
---
 docs/src/snap/howto/epa.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 62f47d4e1..ea9d2d417 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -928,7 +928,7 @@ working correctly.
 
 ### Test SR-IOV & DPDK
 
-First check if SR-IOV Device Plugin pod is running and healthy in the cluster,
+Ensure that the SR-IOV Device Plugin pod is running and healthy in the cluster,
 if SR-IOV is allocatable in the worker node and the PCI IDs of the VFs
 available in the node (describing one of them to get further details):
 

From 631911341586eb587284787923389daf32ef6dc1 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Sun, 15 Sep 2024 18:44:40 +0100
Subject: [PATCH 19/45] fix linter whinges

---
 docs/src/snap/howto/epa.md | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index ea9d2d417..f6998e6b8 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -1,6 +1,7 @@
 # How to set up Enhanced Platform Awareness
 
-This section explains how to set up the Enhanced Platform Awareness (EPA) features in a {{product}} cluster. 
+This section explains how to set up the Enhanced Platform Awareness (EPA)
+features in a {{product}} cluster. 
 
 The content starts with the setup of the environment (including steps for using
 [MAAS][MAAS]). Then the setup of {{product}}, including the Multus & SR-IOV/DPDK
@@ -741,7 +742,8 @@ Create a pod that will run the cyclictest tool with specific options:
 
 - `-l 1000000`: Sets the number of test iterations to 1 million.  
 - `-m`: Measures the maximum latency.  
-- `-p 80`: Sets the real-time scheduling priority to 80 (a high priority, typically used for real-time tasks).  
+- `-p 80`: Sets the real-time scheduling priority to 80 (a high priority, 
+  typically used for real-time tasks).  
 - `-t 1`: Specifies CPU core 1 to be used for the test.
 
 ```
@@ -800,7 +802,8 @@ T: 0 ( 2965) P:80 I:1000 C: 241486 Min:      3 Act:    4 Avg:    3 Max:      18
 
 ### Test CPU Pinning and NUMA 
 
-First check if CPU Manager and NUMA Topology Manager is set up in the worker node:
+First check if CPU Manager and NUMA Topology Manager is set up in the worker
+node:
 
 ```
 ps -ef | grep /snap/k8s/678/bin/kubelet
@@ -834,7 +837,8 @@ NUMA:
 ...
 ```
 
-Now let’s label the node with information about the available CPU/NUMA nodes, and then create a pod selecting that label:
+Now let’s label the node with information about the available CPU/NUMA nodes,
+and then create a pod selecting that label:
 
 ```
 sudo k8s kubectl label node pc6b-rb4-n3 topology.kubernetes.io/zone=NUMA
@@ -996,7 +1000,8 @@ lspci -s 98:1f.2 -vv
 	Kernel modules: iavf
 ```
 
-Now, create a test pod that will claim a network interface from the DPDK network:
+Now, create a test pod that will claim a network interface from the DPDK
+network:
 
 ```
 cat <<EOF | sudo k8s kubectl apply -f -

From 7106d14c6da397b4be3eaf0e6fb7a358442f5cde Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Sun, 15 Sep 2024 18:47:04 +0100
Subject: [PATCH 20/45] fix note

---
 docs/src/snap/howto/epa.md | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index f6998e6b8..e74ae2ef8 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -388,11 +388,13 @@ power_state:
   mode: reboot
 ```
 
-Notes:
-
-* In the above, realtime kernel 6.8 is installed from a private ppa. It was recently backported from 24.04 to 22.04 and is still going through some validation stages. Once it is officially released, it will be installable via the Ubuntu Pro cli.
-
+```{note}
 
+In the above file, the realtime kernel 6.8 is installed from a private PPA.
+It was recently backported from 24.04 to 22.04 and is still going through
+some validation stages. Once it is officially released, it will be
+installable via the Ubuntu Pro cli.
+```
 ````
 `````
 

From c20232964d71a2a16ef4eed78854f45b93c625c4 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Sun, 15 Sep 2024 18:56:49 +0100
Subject: [PATCH 21/45] snap reference

---
 docs/src/snap/howto/epa.md | 16 ++++++----------
 1 file changed, 6 insertions(+), 10 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index e74ae2ef8..888752564 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -398,23 +398,17 @@ installable via the Ubuntu Pro cli.
 ````
 `````
 
-
-
-
-
 ## {{product}} setup 
 
-{{product}} is delivered as a 
-[snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/).
+{{product}} is delivered as a [snap][].
 
 This section explains how to set up a dual node {{product}} cluster for testing
 EPA capabilities.
 
 ### Control plane and worker node 
 
-1. [Install the
-   snap](https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/howto/install/snap/)
-   from the relevant [channel][channel]. 
+1. [Install the snap][install-link] from the relevant [channel][channel]. 
+   
    ```{note}
    A pre-release channel is required currently until there is a finalised release of {{product}}.
    ```
@@ -1099,4 +1093,6 @@ the correct PCI address:
 <!-- LINKS -->
 
 [MAAS]: https://maas.io
-[channel]: https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/
\ No newline at end of file
+[channel]: https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/
+[install-link]: /snap/howto/install/snap
+[snap]: https://snapcraft.io/docs
\ No newline at end of file

From da1a0ab1d253cbfce24af73989760b56139079f2 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 16 Sep 2024 00:11:39 +0100
Subject: [PATCH 22/45] language and format fixes

---
 docs/src/snap/howto/epa.md | 47 ++++++++++++++++++++++----------------
 1 file changed, 27 insertions(+), 20 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 888752564..0fef39fdc 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -501,8 +501,8 @@ pc6b-rb4-n3   Ready    worker                 22h   v1.31.0
 
 ### Multus and SRIOV setup 
 
-Get the thick plugin (in case of resource scarcity we can consider deploying
-the thin flavor)
+Apply the 'thick' Multus plugin (in case of resource scarcity we can consider 
+deploying the thin flavour)
 
 ```
 sudo k8s kubectl apply -f https://raw.githubusercontent.com/k8snetworkplumbingwg/multus-cni/master/deployments/multus-daemonset-thick.yml
@@ -710,7 +710,7 @@ The output should reflect the HugePage request:
 ### Test the real-time kernel
 
 First, verify that real-time kernel is enabled in the worker node by checking
-if “PREEMPT RT” appears after running the `uname -a` command:
+the output from the `uname -a` command:
 
 ```
 uname -a
@@ -722,7 +722,7 @@ The output should show the “PREEMPT RT” identifier:
 Linux pc6b-rb4-n3 6.8.1-1004-realtime #4~22.04.1-Ubuntu SMP PREEMPT_RT Mon Jun 24 16:45:51 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
 ```
 
-The test will use cyclictest, commonly used to assess the real-time performance
+The test will use [cyclictest][], commonly used to assess the real-time performance
 of a system, especially when running a real-time kernel. It measures the time
 it takes for a thread to cycle between high and low priority states, giving you
 an indication of the system's responsiveness to real-time events.  Lower
@@ -811,19 +811,22 @@ root        9139       1  1 Jul17 ?        00:20:03 /snap/k8s/678/bin/kubelet --
 
 ```{dropdown} Explanation of output
 
-* \--cpu-manager-policy=static : This flag within the Kubelet command line arguments explicitly tells us that the CPU Manager is active and using the static policy. Here's what this means:  
-  * CPU Manager:  This is a component of Kubelet that manages how CPU resources are allocated to pods running on a node.  
-  * Static Policy:  This policy is designed to provide stricter control over CPU allocation. With the static policy, you can request integer CPUs for your containers (e.g., 1, 2, etc.), and {{product}} will try to assign them to dedicated CPU cores on the node, providing a greater degree of isolation and predictability.  
-* \--reserved-cpus=0-31: This line indicates that no CPUs are reserved for the Kubelet or system processes. This implies that all CPUs might be available for pod scheduling, depending on the cluster's overall resource allocation strategy.  
-* \--topology-manager-policy=best-effort: This flag sets the topology manager policy to "best-effort." The topology manager helps optimise pod placement on nodes by considering factors like NUMA nodes, CPU cores, and devices. The "best-effort" policy tries to place pods optimally, but it doesn't enforce strict requirements.
+   - `--cpu-manager-policy=static` : This flag within the Kubelet command line arguments explicitly tells us that the CPU Manager is active and using the static policy. Here's what this means:  
+      - `CPU Manager`:  This is a component of Kubelet that manages how CPU resources are allocated to pods running on a node.  
+      - `Static Policy`:  This policy is designed to provide stricter control over CPU allocation. With the static policy, you can request integer CPUs for your containers (e.g., 1, 2, etc.), and {{product}} will try to assign them to dedicated CPU cores on the node, providing a greater degree of isolation and predictability.  
+   - `--reserved-cpus=0-31`: This line indicates that no CPUs are reserved for the Kubelet or system processes. This implies that all CPUs might be available for pod scheduling, depending on the cluster's overall resource allocation strategy.  
+   - `--topology-manager-policy=best-effort`: This flag sets the topology manager policy to "best-effort." The topology manager helps optimise pod placement on nodes by considering factors like NUMA nodes, CPU cores, and devices. The "best-effort" policy tries to place pods optimally, but it doesn't enforce strict requirements.
 ```
 
-You can also confirm the total number of NUMA CPUs available in the worker node:
+You can also confirm the total number of NUMA CPUs available in the worker node.
+Run the command:
 
 ```
 lscpu
 ```
 
+The ouptut should include information on the CPUs like this example:
+
 ```
 ....
 NUMA:
@@ -833,18 +836,21 @@ NUMA:
 ...
 ```
 
-Now let’s label the node with information about the available CPU/NUMA nodes,
-and then create a pod selecting that label:
+Label the node with information about the available CPU/NUMA nodes:
 
 ```
 sudo k8s kubectl label node pc6b-rb4-n3 topology.kubernetes.io/zone=NUMA
 
 ```
 
+The output should indicate the label has been applied:
+
 ```
 node/pc6b-rb4-n3 labeled
 ```
 
+Now create a pod applying that label:
+
 ```
 cat <<EOF | sudo k8s kubectl apply -f -
 apiVersion: v1
@@ -868,8 +874,8 @@ spec:
 EOF
 ```
 
-Finally, describing the node and the pod will confirm that the pod is running
-on the intended node and that its CPU requests are being met; also running
+Dscribing the node and the pod will confirm that the pod is running
+on the intended node and that its CPU requests are being met. Running
 taskset inside the pod will identify the pod pinned to the process running
 inside the pod:
 
@@ -1083,11 +1089,11 @@ the correct PCI address:
 
 ## Further reading
 
-* [How to enable real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  
-* [Manage HugePages](https://kubernetes.io/docs/tasks/manage-hugepages/scheduling-hugepages/)  
-* [Utilising the NUMA-aware Memory Manager](https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/)  
-* [SR-IOV Network Device Plugin for Kubernetes](https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin)  
-* [VMware Telco Cloud Automation \- EPA](https://docs.vmware.com/en/VMware-Telco-Cloud-Automation/3.1.1/com-vmware-tca-userguide/GUID-3F4BA111-D344-4022-A635-7D5774385EF8.html)
+- [How to enable real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  
+- [Manage HugePages](https://kubernetes.io/docs/tasks/manage-hugepages/scheduling-hugepages/)  
+- [Utilising the NUMA-aware Memory Manager](https://kubernetes.io/docs/tasks/administer-cluster/memory-manager/)  
+- [SR-IOV Network Device Plugin for Kubernetes](https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin)  
+- [VMware Telco Cloud Automation \- EPA](https://docs.vmware.com/en/VMware-Telco-Cloud-Automation/3.1.1/com-vmware-tca-userguide/GUID-3F4BA111-D344-4022-A635-7D5774385EF8.html)
 
 
 <!-- LINKS -->
@@ -1095,4 +1101,5 @@ the correct PCI address:
 [MAAS]: https://maas.io
 [channel]: https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/
 [install-link]: /snap/howto/install/snap
-[snap]: https://snapcraft.io/docs
\ No newline at end of file
+[snap]: https://snapcraft.io/docs
+[cyclictest]: https://github.com/jlelli/rt-tests
\ No newline at end of file

From d319af7b2050cf2416f7d49a22fcc02d0994b27b Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 16 Sep 2024 11:48:22 +0100
Subject: [PATCH 23/45] added some explanations

---
 docs/src/snap/howto/epa.md | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 0fef39fdc..3c88c2402 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -722,11 +722,11 @@ The output should show the “PREEMPT RT” identifier:
 Linux pc6b-rb4-n3 6.8.1-1004-realtime #4~22.04.1-Ubuntu SMP PREEMPT_RT Mon Jun 24 16:45:51 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
 ```
 
-The test will use [cyclictest][], commonly used to assess the real-time performance
-of a system, especially when running a real-time kernel. It measures the time
-it takes for a thread to cycle between high and low priority states, giving you
-an indication of the system's responsiveness to real-time events.  Lower
-latencies typically indicate better real-time performance.
+The test will use [cyclictest][], commonly used to assess the real-time
+performance of a system, especially when running a real-time kernel. It
+measures the time it takes for a thread to cycle between high and low priority
+states, giving you an indication of the system's responsiveness to real-time
+events.  Lower latencies typically indicate better real-time performance.
 
 The output of cyclictest will provide statistics including:
 
@@ -971,12 +971,14 @@ Allocatable:
 ....
 ```
 
-The virtual functions should also appear on th 
+The virtual functions are created on the PCI bus, which can also be verified:
 
 ```
 lspci | grep Virtual
 ```
 
+...should list the presence of the virtual functions:
+
 ```
 98:11.0 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
 98:11.1 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
@@ -987,8 +989,15 @@ lspci | grep Virtual
 99:00.7 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
 ```
 
+Examine a specific VF from the list:
+
 ```
 lspci -s 98:1f.2 -vv
+```
+
+The output should confirm the correct kernel drivers in use:
+
+```
 98:1f.2 Ethernet controller: Intel Corporation Ethernet Adaptive Virtual Function (rev 02)
 	Subsystem: Intel Corporation Ethernet Adaptive Virtual Function
 	Control: I/O- Mem- BusMaster- SpecCycle- MemWINV- VGASnoop- ParErr- Stepping- SERR- FastB2B- DisINTx-
@@ -1085,8 +1094,6 @@ the correct PCI address:
 
 ```
 
-
-
 ## Further reading
 
 - [How to enable real-time Ubuntu](https://canonical-ubuntu-pro-client.readthedocs-hosted.com/en/latest/howtoguides/enable\_realtime\_kernel/\#how-to-enable-real-time-ubuntu)  

From a88848e2f79a09ff6cabe14c54782e74a9213f44 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 16 Sep 2024 12:07:28 +0100
Subject: [PATCH 24/45] explain taskset

---
 docs/src/snap/howto/epa.md | 29 +++++++++++++++++++++++++++--
 1 file changed, 27 insertions(+), 2 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 3c88c2402..c3a32e3b6 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -874,7 +874,7 @@ spec:
 EOF
 ```
 
-Dscribing the node and the pod will confirm that the pod is running
+Describing the node and the pod will confirm that the pod is running
 on the intended node and that its CPU requests are being met. Running
 taskset inside the pod will identify the pod pinned to the process running
 inside the pod:
@@ -893,10 +893,14 @@ sudo k8s kubectl describe node pc6b-rb4-n3
   ....
 ```
 
+We can then describe the pod itself:
+
 ```
 sudo k8s kubectl describe pod cpu-pinning-test
 ```
 
+The output should confirm the limits and requests:
+
 ```
 ...
     Limits:
@@ -908,16 +912,37 @@ sudo k8s kubectl describe pod cpu-pinning-test
 ...
 ```
 
-<!-- this needs to be explained -->
+To determine the CPUS in use are valid, open a shell on the pod:
 
 ```
 sudo k8s kubectl exec -ti cpu-pinning-test -- /bin/bash
+```
+
+On this shell, confirm the running processes:
+
+```
 root@cpu-pinning-test:/# ps -ef
+```
+
+which will list the running commands:
+
+```
 UID          PID    PPID  C STIME TTY          TIME CMD
 root           1       0  0 08:51 ?        00:00:00 sleep infinity
 root          17       0  0 08:58 pts/0    00:00:00 /bin/bash
 root          25      17  0 08:58 pts/0    00:00:00 ps -ef
+```
+
+The first of these is the `sleep` command we instructed the pod to run. We then
+use `taskset` in the pod:
+
+```
 root@cpu-pinning-test:/# taskset -p 1
+```
+
+This returns the current affinity mask:
+
+```
 pid 1's current affinity mask: 1000000000000000100000000
 ```
 

From a701ed18387c6902574f0f3ce090233625ffca1d Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 16 Sep 2024 12:13:57 +0100
Subject: [PATCH 25/45] more explanations

---
 docs/src/snap/howto/epa.md | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index c3a32e3b6..7fe669633 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -766,6 +766,8 @@ sudo k8s kubectl logs realtime-kernel-test -f
 
 ```
 
+This should produce output including:
+
 ```
 ...
 # /dev/cpu_dma_latency set to 0us
@@ -805,6 +807,8 @@ node:
 ps -ef | grep /snap/k8s/678/bin/kubelet
 ``` 
 
+The process output will indicate the arguments used when running the kubelet:
+
 ```
 root        9139       1  1 Jul17 ?        00:20:03 /snap/k8s/678/bin/kubelet --anonymous-auth=false --authentication-token-webhook=true --authorization-mode=Webhook --client-ca-file=/etc/kubernetes/pki/client-ca.crt --cluster-dns=10.152.183.97 --cluster-domain=cluster.local --container-runtime-endpoint=/var/snap/k8s/common/run/containerd.sock --containerd=/var/snap/k8s/common/run/containerd.sock --cpu-manager-policy=static --eviction-hard=memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi --fail-swap-on=false --kubeconfig=/etc/kubernetes/kubelet.conf --node-ip=10.18.2.153 --node-labels=node-role.kubernetes.io/worker=,k8sd.io/role=worker --read-only-port=0 --register-with-taints= --reserved-cpus=0-31 --root-dir=/var/lib/kubelet --serialize-image-pulls=false --tls-cert-file=/etc/kubernetes/pki/kubelet.crt --tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_RSA_WITH_AES_128_GCM_SHA256,TLS_RSA_WITH_AES_256_GCM_SHA384 --tls-private-key-file=/etc/kubernetes/pki/kubelet.key --topology-manager-policy=best-effort
 ```

From 70cfa7d0bf76177a42aaaba99be771faecb2688c Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Mon, 16 Sep 2024 17:55:35 +0100
Subject: [PATCH 26/45] add inline note about version

---
 docs/src/snap/howto/epa.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 7fe669633..466e592db 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -395,6 +395,11 @@ It was recently backported from 24.04 to 22.04 and is still going through
 some validation stages. Once it is officially released, it will be
 installable via the Ubuntu Pro cli.
 ```
+
+<!--VERSION:
+The MAAS setup is inextricably linked to particular versions and will need to be
+updated for these -->
+
 ````
 `````
 

From d0eef6203b484ca4d1a8aa7206218346fbc447b3 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Wed, 18 Sep 2024 11:01:20 +0100
Subject: [PATCH 27/45] add link to explanation

---
 docs/src/snap/howto/epa.md | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index 466e592db..c3e92f49b 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -1,7 +1,7 @@
 # How to set up Enhanced Platform Awareness
 
 This section explains how to set up the Enhanced Platform Awareness (EPA)
-features in a {{product}} cluster. 
+features in a {{product}} cluster. Please see the [EPA explanation page][explain-epa] for details about how EPA applies to {{product}}.
 
 The content starts with the setup of the environment (including steps for using
 [MAAS][MAAS]). Then the setup of {{product}}, including the Multus & SR-IOV/DPDK
@@ -1143,4 +1143,5 @@ the correct PCI address:
 [channel]: https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/explanation/channels/
 [install-link]: /snap/howto/install/snap
 [snap]: https://snapcraft.io/docs
-[cyclictest]: https://github.com/jlelli/rt-tests
\ No newline at end of file
+[cyclictest]: https://github.com/jlelli/rt-tests
+[explain-epa]: /snap/explanation/epa
\ No newline at end of file

From ab7bfbac4321ec807205e56eedeed523aa170469 Mon Sep 17 00:00:00 2001
From: "Louise K. Schmidtgen" <louise.schmidtgen@canonical.com>
Date: Mon, 9 Sep 2024 14:49:32 +0200
Subject: [PATCH 28/45] Docs Ingress default tls secret extra moonray comment
 (#656)

---
 docs/moonray/howto/index.md                   |   2 +-
 .../howto/networking/default-ingress-mr.md    | 117 ++++++++++++++++++
 docs/moonray/howto/networking/index.md        |  15 +++
 docs/src/snap/howto/index.md                  |   1 -
 .../snap/howto/networking/default-ingress.md  |  17 ++-
 docs/src/snap/howto/networking/index.md       |   1 +
 6 files changed, 145 insertions(+), 8 deletions(-)
 create mode 100644 docs/moonray/howto/networking/default-ingress-mr.md
 create mode 100644 docs/moonray/howto/networking/index.md

diff --git a/docs/moonray/howto/index.md b/docs/moonray/howto/index.md
index 041e13e6c..11c35f452 100644
--- a/docs/moonray/howto/index.md
+++ b/docs/moonray/howto/index.md
@@ -14,7 +14,7 @@ Overview <self>
 :glob:
 :titlesonly:
 install
-
+networking/index
 ```
 
 ---
diff --git a/docs/moonray/howto/networking/default-ingress-mr.md b/docs/moonray/howto/networking/default-ingress-mr.md
new file mode 100644
index 000000000..24f9b435a
--- /dev/null
+++ b/docs/moonray/howto/networking/default-ingress-mr.md
@@ -0,0 +1,117 @@
+# How to use default Ingress
+
+{{product}} allows you to configure Ingress into your cluster. When
+enabled, it tells your cluster how external HTTP and HTTPS traffic should be
+routed to its services.
+
+## What you'll need
+
+This guide assumes the following:
+
+- You have root or sudo access to the machine
+- You have a bootstrapped {{product}} cluster (see the [Getting
+  Started][getting-started-guide] guide).
+
+## Check Ingress status
+
+Find out whether Ingress is enabled or disabled with the following command:
+
+```
+sudo k8s status
+```
+
+Please ensure that Ingress is enabled on your cluster.
+
+## Enable Ingress
+
+To enable Ingress, run:
+
+```
+sudo k8s enable ingress
+```
+
+For more information on the command, execute:
+
+```
+sudo k8s help enable
+```
+
+## Configure Ingress
+
+Discover your configuration options by running:
+
+```
+sudo k8s get ingress 
+```
+
+You should see three options:
+
+
+- `default-tls-secret`: Name of the TLS (Transport Layer Security) Secret that
+  will be used as the default Ingress certificate. The
+  `TLSCertificateDelegation` is created in the `projectcontour-root` namespace.
+  When defining an Ingress object, specify this secret as the default
+  certificate by setting the `secretName` field under `spec.tls`.
+  For further information, see the
+  [TLS Certificate Delegation guide][tls-delegation] guide.
+- `enable-proxy-protocol`: If set, proxy protocol will be enabled for the
+  Ingress.
+
+### TLS Secret
+
+You can create a TLS secret by following the official
+[Kubernetes documentation][kubectl-create-secret-tls/].
+Please remember to use `sudo k8s kubectl` (See the [kubectl-guide]).
+
+Tell Ingress to use your new Ingress certificate:
+
+```
+sudo k8s set ingress.default-tls-secret=<new-default-tls-secret>
+```
+
+Replace `<new-default-tls-secret>` with the desired value for your Ingress
+configuration.
+
+### Proxy Protocol
+
+Enabling the proxy protocol allows passing client connection information to the
+backend service.
+
+Consult the official
+[Kubernetes documentation on the proxy protocol][proxy-protocol].
+
+Use the following command to enable the proxy protocol:
+
+```
+sudo k8s set ingress.enable-proxy-protocol=<new-enable-proxy-protocol>
+```
+
+Adjust the value of `<new-enable-proxy-protocol>` with your proxy protocol
+requirements.
+
+## Disable Ingress
+
+You can `disable` the built-in ingress:
+
+``` {warning} Disabling Ingress may impact external access to services within
+    your cluster.
+    Ensure that you have alternative configurations in place before disabling Ingress.
+```
+
+```
+sudo k8s disable ingress
+```
+
+For more information on this command, run:
+
+```
+sudo k8s help disable
+```
+
+<!-- LINKS -->
+
+[kubectl-create-secret-tls/]: https://kubernetes.io/docs/reference/kubectl/generated/kubectl_create/kubectl_create_secret_tls/
+[proxy-protocol]: https://kubernetes.io/docs/reference/networking/service-protocols/#protocol-proxy-special
+[getting-started-guide]: /snap/tutorial/getting-started
+[kubectl-guide]: /snap/tutorial/kubectl
+[tls-delegation]: https://projectcontour.io/docs/main/config/tls-delegation/
diff --git a/docs/moonray/howto/networking/index.md b/docs/moonray/howto/networking/index.md
new file mode 100644
index 000000000..f2982ead8
--- /dev/null
+++ b/docs/moonray/howto/networking/index.md
@@ -0,0 +1,15 @@
+# Networking
+
+```{toctree}
+:hidden:
+Networking <self>
+```
+
+Networking is a core part of a working Kubernetes cluster. These topics cover
+how to configure and use key capabilities of {{product}}.
+
+```{toctree}
+:titlesonly:
+
+default-ingress-mr.md
+```
diff --git a/docs/src/snap/howto/index.md b/docs/src/snap/howto/index.md
index c7bf9da3b..45c18485c 100644
--- a/docs/src/snap/howto/index.md
+++ b/docs/src/snap/howto/index.md
@@ -16,7 +16,6 @@ Overview <self>
 
 install/index
 networking/index
-networking/dualstack
 storage/index
 external-datastore
 proxy
diff --git a/docs/src/snap/howto/networking/default-ingress.md b/docs/src/snap/howto/networking/default-ingress.md
index ce9f792d0..90498d910 100644
--- a/docs/src/snap/howto/networking/default-ingress.md
+++ b/docs/src/snap/howto/networking/default-ingress.md
@@ -20,7 +20,7 @@ Find out whether Ingress is enabled or disabled with the following command:
 sudo k8s status
 ```
 
-The default state for the cluster is `ingress disabled`.
+Please ensure that Ingress is enabled on your cluster.
 
 ## Enable Ingress
 
@@ -46,6 +46,7 @@ sudo k8s get ingress
 
 You should see three options:
 
+- `enabled`: If set to true, Ingress is enabled
 - `default-tls-secret`: Name of the TLS (Transport Layer Security) Secret in
   the kube-system namespace that will be used as the default Ingress
   certificate
@@ -53,8 +54,9 @@ You should see three options:
 
 ### TLS Secret
 
-You can create a TLS secret by following the official [Kubernetes documentation][kubectl-create-secret-tls/].
-Note: remember to use `sudo k8s kubectl` (See the [kubectl-guide]).
+You can create a TLS secret by following the official
+[Kubernetes documentation][kubectl-create-secret-tls/].
+Please remember to use `sudo k8s kubectl` (See the [kubectl-guide]).
 
 Tell Ingress to use your new Ingress certificate:
 
@@ -62,14 +64,16 @@ Tell Ingress to use your new Ingress certificate:
 sudo k8s set ingress.default-tls-secret=<new-default-tls-secret>
 ```
 
-Replace `<new-default-tls-secret>` with the desired value for your Ingress configuration.
+Replace `<new-default-tls-secret>` with the desired value for your Ingress
+configuration.
 
 ### Proxy Protocol
 
 Enabling the proxy protocol allows passing client connection information to the
 backend service.
 
-Consult the official [Kubernetes documentation on the proxy protocol][proxy-protocol].
+Consult the official
+[Kubernetes documentation on the proxy protocol][proxy-protocol].
 
 Use the following command to enable the proxy protocol:
 
@@ -77,7 +81,8 @@ Use the following command to enable the proxy protocol:
 sudo k8s set ingress.enable-proxy-protocol=<new-enable-proxy-protocol>
 ```
 
-Adjust the value of `<new-enable-proxy-protocol>` with your proxy protocol requirements.
+Adjust the value of `<new-enable-proxy-protocol>` with your proxy protocol
+requirements.
 
 ## Disable Ingress
 
diff --git a/docs/src/snap/howto/networking/index.md b/docs/src/snap/howto/networking/index.md
index 2f62c6b3a..98d42bd55 100644
--- a/docs/src/snap/howto/networking/index.md
+++ b/docs/src/snap/howto/networking/index.md
@@ -15,4 +15,5 @@ how to configure and use key capabilities of {{product}}.
 /snap/howto/networking/default-network.md
 /snap/howto/networking/default-ingress.md
 /snap/howto/networking/default-loadbalancer.md
+/snap/howto/networking/dualstack.md
 ```

From d97961de0a2e4972f4787d343cd51701b015b8dd Mon Sep 17 00:00:00 2001
From: Homayoon Alimohammadi <homayoon.alimohammadi@canonical.com>
Date: Mon, 9 Sep 2024 17:08:54 +0400
Subject: [PATCH 29/45] Add more sections to the CAPI docs (#655)

* Add more sections to the CAPI docs

* Address comments
---
 docs/src/capi/explanation/capi-ck8s.md    |  42 ++++
 docs/src/capi/explanation/capi-ck8s.svg   |   4 +
 docs/src/capi/explanation/index.md        |   1 +
 docs/src/capi/howto/custom-ck8s.md        |  64 +++++++
 docs/src/capi/howto/index.md              |   3 +
 docs/src/capi/howto/migrate-management.md |  29 +++
 docs/src/capi/howto/upgrade-providers.md  |  53 +++++
 docs/src/capi/reference/configs.md        | 224 ++++++++++++++++++++++
 docs/src/capi/reference/index.md          |   1 +
 9 files changed, 421 insertions(+)
 create mode 100644 docs/src/capi/explanation/capi-ck8s.md
 create mode 100644 docs/src/capi/explanation/capi-ck8s.svg
 create mode 100644 docs/src/capi/howto/custom-ck8s.md
 create mode 100644 docs/src/capi/howto/migrate-management.md
 create mode 100644 docs/src/capi/howto/upgrade-providers.md
 create mode 100644 docs/src/capi/reference/configs.md

diff --git a/docs/src/capi/explanation/capi-ck8s.md b/docs/src/capi/explanation/capi-ck8s.md
new file mode 100644
index 000000000..d75db76ac
--- /dev/null
+++ b/docs/src/capi/explanation/capi-ck8s.md
@@ -0,0 +1,42 @@
+# Cluster API - {{product}}
+
+ClusterAPI (CAPI) is an open-source Kubernetes project that provides a declarative API for cluster creation, configuration, and management. It is designed to automate the creation and management of Kubernetes clusters in various environments, including on-premises data centers, public clouds, and edge devices.
+
+CAPI abstracts away the details of infrastructure provisioning, networking, and other low-level tasks, allowing users to define their desired cluster configuration using simple YAML manifests. This makes it easier to create and manage clusters in a repeatable and consistent manner, regardless of the underlying infrastructure. In this way a wide range of infrastructure providers has been made available, including but not limited to Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and OpenStack.
+
+CAPI also abstracts the provisioning and management of Kubernetes clusters allowing for a variety of Kubernetes distributions to be delivered in all of the supported infrastructure providers. {{product}} is one such Kubernetes distribution that seamlessly integrates with Cluster API.
+
+With {{product}} CAPI you can:
+- provision a cluster with:
+    - Kubernetes version 1.31 onwards
+    - risk level of the track you want to follow (stable, candidate, beta, edge)
+    - deploy behind proxies
+- upgrade clusters with no downtime:
+    - rolling upgrades for HA clusters and worker nodes
+    - in-place upgrades for non-HA control planes and worker nodes
+
+Please refer to the “Tutorial” section for concrete examples on CAPI deployments:
+
+
+## CAPI architecture
+
+Being a cloud-native framework, CAPI implements all its components as controllers that run within a Kubernetes cluster. There is a separate controller, called a ‘provider’, for each supported infrastructure substrate. The infrastructure providers are responsible for provisioning physical or virtual nodes and setting up networking elements such as load balancers and virtual networks. In a similar way, each Kubernetes distribution that integrates with ClusterAPI is managed by two providers: the control plane provider and the bootstrap provider. The bootstrap provider is responsible for delivering and managing Kubernetes on the nodes, while the control plane provider handles the control plane’s specific lifecycle.
+
+The CAPI providers operate within a Kubernetes cluster known as the management cluster. The administrator is responsible for selecting the desired combination of infrastructure and Kubernetes distribution by instantiating the respective infrastructure, bootstrap, and control plane providers on the management cluster.
+
+The management cluster functions as the control plane for the ClusterAPI operator, which is responsible for provisioning and managing the infrastructure resources necessary for creating and managing additional Kubernetes clusters. It is important to note that the management cluster is not intended to support any other workload, as the workloads are expected to run on the provisioned clusters. As a result, the provisioned clusters are referred to as workload clusters.
+
+Typically, the management cluster runs in a separate environment from the clusters it manages, such as a public cloud or an on-premises data center. It serves as a centralized location for managing the configuration, policies, and security of multiple managed clusters. By leveraging the management cluster, users can easily create and manage a fleet of Kubernetes clusters in a consistent and repeatable manner.
+
+The {{product}} team maintains the two providers required for integrating with CAPI:
+
+- The Cluster API Bootstrap Provider {{product}} (**CABPCK**) responsible for provisioning the nodes in the cluster and preparing them to be joined to the Kubernetes control plane. When you use the CABPCK you define a Kubernetes Cluster object that describes the desired state of the new cluster and includes the number and type of nodes in the cluster, as well as any additional configuration settings. The Bootstrap Provider then creates the necessary resources in the Kubernetes API server to bring the cluster up to the desired state. Under the hood, the Bootstrap Provider uses cloud-init to configure the nodes in the cluster. This includes setting up SSH keys, configuring the network, and installing necessary software packages.
+
+- The Cluster API Control Plane Provider {{product}} (**CACPCK**) enables the creation and management of Kubernetes control planes using {{product}} as the underlying Kubernetes distribution. Its main tasks are to update the machine state and to generate the kubeconfig file used for accessing the cluster. The kubeconfig file is stored as a secret which the user can then retrieve using the `clusterctl` command.
+
+```{figure} ./capi-ck8s.svg
+   :width: 100%
+   :alt: Deployment of components
+
+   Deployment of components
+```
diff --git a/docs/src/capi/explanation/capi-ck8s.svg b/docs/src/capi/explanation/capi-ck8s.svg
new file mode 100644
index 000000000..d7df80727
--- /dev/null
+++ b/docs/src/capi/explanation/capi-ck8s.svg
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Do not edit this file with editors other than draw.io -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" version="1.1" width="661px" height="591px" viewBox="-0.5 -0.5 661 591" content="&lt;mxfile host=&quot;app.diagrams.net&quot; agent=&quot;Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36&quot; version=&quot;24.7.11&quot; scale=&quot;1&quot; border=&quot;5&quot;&gt;&#10;  &lt;diagram name=&quot;Page-1&quot; id=&quot;ZDmRij12Ut6CUaDY6UDh&quot;&gt;&#10;    &lt;mxGraphModel dx=&quot;819&quot; dy=&quot;434&quot; grid=&quot;1&quot; gridSize=&quot;10&quot; guides=&quot;1&quot; tooltips=&quot;1&quot; connect=&quot;1&quot; arrows=&quot;1&quot; fold=&quot;1&quot; page=&quot;1&quot; pageScale=&quot;1&quot; pageWidth=&quot;850&quot; pageHeight=&quot;1100&quot; math=&quot;0&quot; shadow=&quot;0&quot;&gt;&#10;      &lt;root&gt;&#10;        &lt;mxCell id=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;1&quot; parent=&quot;0&quot; /&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-1&quot; value=&quot;&amp;lt;font&amp;gt;Canonical Kubernetes Bootstrap Provider (CABCK)&amp;lt;/font&amp;gt;&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;20&quot; y=&quot;130&quot; width=&quot;140&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-2&quot; value=&quot;&quot; style=&quot;whiteSpace=wrap;html=1;dashed=1;dashPattern=12 12;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;180&quot; y=&quot;110&quot; width=&quot;240&quot; height=&quot;230&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-3&quot; value=&quot;&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;200&quot; y=&quot;150&quot; width=&quot;80&quot; height=&quot;140&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-4&quot; value=&quot;&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;210&quot; y=&quot;160&quot; width=&quot;80&quot; height=&quot;140&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-5&quot; value=&quot;CAPI Machine with Canonical Kubernetes Config&quot; style=&quot;whiteSpace=wrap;html=1;fillStyle=solid;fillColor=#CCCCCC;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;220&quot; y=&quot;170&quot; width=&quot;80&quot; height=&quot;140&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-6&quot; value=&quot;CA&quot; style=&quot;whiteSpace=wrap;html=1;fillColor=#CCCCCC;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;330&quot; y=&quot;150&quot; width=&quot;50&quot; height=&quot;50&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-7&quot; value=&quot;Join Token&quot; style=&quot;whiteSpace=wrap;html=1;fillColor=#CCCCCC;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;220&quot; width=&quot;90&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-8&quot; value=&quot;kubeconfig&quot; style=&quot;whiteSpace=wrap;html=1;fillColor=#CCCCCC;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;310&quot; y=&quot;280&quot; width=&quot;90&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-11&quot; value=&quot;Canonical Kubernetes Control Plane Provider (CACPCK)&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;440&quot; y=&quot;130&quot; width=&quot;140&quot; height=&quot;80&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; value=&quot;Infrastructure Providder&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;215&quot; y=&quot;360&quot; width=&quot;170&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; value=&quot;&quot; style=&quot;group;fontFamily=Verdana;&quot; parent=&quot;1&quot; connectable=&quot;0&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;70&quot; y=&quot;440&quot; width=&quot;470&quot; height=&quot;200&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-14&quot; value=&quot;&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;470&quot; height=&quot;200&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-15&quot; value=&quot;&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;10&quot; y=&quot;10&quot; width=&quot;220&quot; height=&quot;160&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-16&quot; value=&quot;&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;240&quot; y=&quot;10&quot; width=&quot;220&quot; height=&quot;160&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-17&quot; value=&quot;Control Plane&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;75&quot; y=&quot;140&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-18&quot; value=&quot;Worker Nodes&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;305&quot; y=&quot;140&quot; width=&quot;90&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-19&quot; value=&quot;VM&amp;amp;nbsp; #1&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;20&quot; y=&quot;20&quot; width=&quot;60&quot; height=&quot;110&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-20&quot; value=&quot;VM&amp;amp;nbsp; #2&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;90&quot; y=&quot;20&quot; width=&quot;60&quot; height=&quot;110&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-22&quot; value=&quot;VM&amp;amp;nbsp; #3&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;160&quot; y=&quot;20&quot; width=&quot;60&quot; height=&quot;110&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-23&quot; value=&quot;VM&amp;amp;nbsp; #N-2&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;250&quot; y=&quot;20&quot; width=&quot;60&quot; height=&quot;110&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-24&quot; value=&quot;VM&amp;amp;nbsp; #N-1&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;320&quot; y=&quot;20&quot; width=&quot;60&quot; height=&quot;110&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-25&quot; value=&quot;VM&amp;amp;nbsp; #N&quot; style=&quot;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;390&quot; y=&quot;20&quot; width=&quot;60&quot; height=&quot;110&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-27&quot; value=&quot;&amp;lt;font style=&amp;quot;font-size: 21px;&amp;quot;&amp;gt;...&amp;lt;/font&amp;gt;&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;215&quot; y=&quot;50&quot; width=&quot;40&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-29&quot; value=&quot;Provisioned (Workload) Cluster&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-30&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;145&quot; y=&quot;170&quot; width=&quot;180&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-33&quot; value=&quot;&quot; style=&quot;ellipse;whiteSpace=wrap;html=1;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;450&quot; y=&quot;370&quot; width=&quot;30&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-37&quot; value=&quot;User&quot; style=&quot;shape=umlActor;verticalLabelPosition=bottom;verticalAlign=top;html=1;outlineConnect=0;labelPosition=center;align=center;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;610&quot; y=&quot;250&quot; width=&quot;60&quot; height=&quot;120&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-39&quot; style=&quot;edgeStyle=orthogonalEdgeStyle;rounded=0;orthogonalLoop=1;jettySize=auto;html=1;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.841;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;endArrow=none;endFill=0;fontFamily=Verdana;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-33&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-14&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry relative=&quot;1&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-40&quot; value=&quot;Cluster EP&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;460&quot; y=&quot;400&quot; width=&quot;80&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-41&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-8&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;410&quot; y=&quot;270&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;600&quot; y=&quot;300&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-42&quot; value=&quot;clusterctl get config&quot; style=&quot;edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-41&quot; connectable=&quot;0&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;-0.03&quot; y=&quot;-2&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;43&quot; y=&quot;-12&quot; as=&quot;offset&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-44&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=0.5;exitY=0;exitDx=0;exitDy=0;entryX=0.25;entryY=1;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-33&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-11&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;390&quot; y=&quot;340&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;490&quot; y=&quot;340&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-45&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=0.105;exitY=0.994;exitDx=0;exitDy=0;exitPerimeter=0;entryX=1;entryY=0;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-11&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-8&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;400&quot; y=&quot;250&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;500&quot; y=&quot;250&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-47&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-6&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-11&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;490&quot; y=&quot;250&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;590&quot; y=&quot;250&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-38&quot; value=&quot;Bootstrap (Management) Cluster&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;210&quot; y=&quot;110&quot; width=&quot;180&quot; height=&quot;30&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-51&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-1&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-5&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;30&quot; y=&quot;250&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;250&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-52&quot; value=&quot;Bootstrap secret&quot; style=&quot;edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];rotation=12.9;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-51&quot; connectable=&quot;0&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;-0.0268&quot; y=&quot;-1&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;-1&quot; y=&quot;6&quot; as=&quot;offset&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-53&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=0.335;exitY=0.984;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0.167;entryY=0;entryDx=0;entryDy=0;entryPerimeter=0;dashed=1;dashPattern=1 4;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-1&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-20&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;-10&quot; y=&quot;290&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;90&quot; y=&quot;290&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-54&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=0.172;exitY=1.001;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0.25;entryY=0;entryDx=0;entryDy=0;dashed=1;dashPattern=1 4;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-1&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-19&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;-40&quot; y=&quot;250&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;60&quot; y=&quot;250&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-55&quot; value=&quot;Deliver cloudinit&amp;amp;nbsp;&amp;lt;div&amp;gt;for nodes&amp;lt;/div&amp;gt;&quot; style=&quot;text;html=1;align=center;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;35&quot; y=&quot;290&quot; width=&quot;110&quot; height=&quot;40&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-56&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=1;exitY=0.5;exitDx=0;exitDy=0;endArrow=none;endFill=0;dashed=1;dashPattern=1 4;fontFamily=Verdana;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-33&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;460&quot; y=&quot;370&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;608&quot; y=&quot;334&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-57&quot; value=&quot;User talks to cluster EP&quot; style=&quot;edgeLabel;html=1;align=center;verticalAlign=middle;resizable=0;points=[];rotation=-22.1;fontFamily=Verdana;&quot; parent=&quot;7QqzYbiBiShg53c-Jw5P-56&quot; connectable=&quot;0&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;0.0579&quot; y=&quot;-2&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;-7&quot; y=&quot;-9&quot; as=&quot;offset&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-59&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=1;exitY=0.387;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0;entryY=0.5;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-33&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;350&quot; y=&quot;370&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;450&quot; y=&quot;370&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-61&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;exitX=0;exitY=1;exitDx=0;exitDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-19&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;410&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;230&quot; y=&quot;410&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-62&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;exitX=0.25;exitY=1;exitDx=0;exitDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-20&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;400&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;230&quot; y=&quot;400&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-63&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-22&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;130&quot; y=&quot;400&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;230&quot; y=&quot;400&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-64&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=0.5;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-23&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;260&quot; y=&quot;700&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;360&quot; y=&quot;700&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-65&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=0.75;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-24&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;430&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;420&quot; y=&quot;430&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-66&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=1;exitY=1;exitDx=0;exitDy=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-25&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;400&quot; y=&quot;500&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;500&quot; y=&quot;500&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-67&quot; value=&quot;Generate Secrets&amp;lt;div&amp;gt;- Join Token&amp;lt;/div&amp;gt;&amp;lt;div&amp;gt;- CA&amp;lt;/div&amp;gt;&quot; style=&quot;text;html=1;align=left;verticalAlign=middle;resizable=0;points=[];autosize=1;strokeColor=none;fillColor=none;fontFamily=Verdana;&quot; parent=&quot;1&quot; vertex=&quot;1&quot;&gt;&#10;          &lt;mxGeometry x=&quot;120&quot; y=&quot;60&quot; width=&quot;100&quot; height=&quot;60&quot; as=&quot;geometry&quot; /&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;7QqzYbiBiShg53c-Jw5P-68&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;entryX=0.5;entryY=0;entryDx=0;entryDy=0;exitX=0.5;exitY=0.957;exitDx=0;exitDy=0;exitPerimeter=0;fontFamily=Verdana;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-2&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-13&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;220&quot; y=&quot;350&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;320&quot; y=&quot;350&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot; /&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;Vi5QHpNjJtGqgJKW9Ny1-1&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=1.002;exitY=0.179;exitDx=0;exitDy=0;exitPerimeter=0;entryX=0;entryY=0.25;entryDx=0;entryDy=0;dashed=1;dashPattern=1 2;curved=1;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-1&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-6&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;180&quot; y=&quot;80&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;280&quot; y=&quot;80&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;180&quot; y=&quot;80&quot; /&gt;&#10;              &lt;mxPoint x=&quot;270&quot; y=&quot;80&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;        &lt;mxCell id=&quot;Vi5QHpNjJtGqgJKW9Ny1-2&quot; value=&quot;&quot; style=&quot;edgeStyle=none;orthogonalLoop=1;jettySize=auto;html=1;rounded=0;exitX=1;exitY=0.25;exitDx=0;exitDy=0;entryX=0.097;entryY=0.036;entryDx=0;entryDy=0;dashed=1;dashPattern=1 2;curved=1;entryPerimeter=0;endArrow=openThin;endFill=0;&quot; parent=&quot;1&quot; source=&quot;7QqzYbiBiShg53c-Jw5P-1&quot; target=&quot;7QqzYbiBiShg53c-Jw5P-7&quot; edge=&quot;1&quot;&gt;&#10;          &lt;mxGeometry width=&quot;100&quot; relative=&quot;1&quot; as=&quot;geometry&quot;&gt;&#10;            &lt;mxPoint x=&quot;120&quot; y=&quot;160&quot; as=&quot;sourcePoint&quot; /&gt;&#10;            &lt;mxPoint x=&quot;220&quot; y=&quot;160&quot; as=&quot;targetPoint&quot; /&gt;&#10;            &lt;Array as=&quot;points&quot;&gt;&#10;              &lt;mxPoint x=&quot;190&quot; y=&quot;120&quot; /&gt;&#10;              &lt;mxPoint x=&quot;290&quot; y=&quot;150&quot; /&gt;&#10;            &lt;/Array&gt;&#10;          &lt;/mxGeometry&gt;&#10;        &lt;/mxCell&gt;&#10;      &lt;/root&gt;&#10;    &lt;/mxGraphModel&gt;&#10;  &lt;/diagram&gt;&#10;&lt;/mxfile&gt;&#10;" style="background-color: rgb(255, 255, 255);"><defs/><rect fill="#ffffff" width="100%" height="100%" x="0" y="0"/><g><g data-cell-id="0"><g data-cell-id="1"><g data-cell-id="7QqzYbiBiShg53c-Jw5P-1"><g><rect x="5" y="75" width="140" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 115px; margin-left: 6px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;"><font>Canonical Kubernetes Bootstrap Provider (CABCK)</font></div></div></div></foreignObject><image x="6" y="94" width="138" height="46" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAigAAAC4CAYAAADJ9BfvAAAAAXNSR0IArs4c6QAAIABJREFUeF7tnQn4fttUx1cpURSSNAkZM2QuhCjzTNxCRUSZKslQKEWoS6EkU5PKmBAVlblUZJ7nIc2lUCjV+bh7Zd3lDPtM73ve9/ddz/N/XL/3nD189z57f/ea9ueYRAgIASEgBISAEBACG0PgczbWHjVHCAgBISAEhIAQEAImgqJJIASEgBAQAkJACGwOARGUzQ2JGiQEhIAQEAJCQAiIoGgOCAEhIASEgBAQAptDQARlc0OiBgkBISAEhIAQEAIiKJoDQkAICAEhIASEwOYQEEHZ3JCoQUJACAgBISAEhIAIiuaAEBACQkAICAEhsDkERFA2NyRqkBAQAhtC4LxmdtuO9vyLmT1qQ21VU4TAUSEggnJUw6nOCIFPI3AdM/uDHiy+y8yeLKyqELiEmT3VzC5kZmdIb7yrwfECVaXoISEgBEYjIIIyGjK9IAQ2j8AXmNnFzewiZnZhM7uJmbHRuoigjB/CLzSzy5nZS8KrIijjcdQbQqAaARGUaqg+nXX3MmZ2DTO7tJld0My+ysy+2MzObGb/bWYfN7OPmtk/mNnfN6rh95rZO83s7c0m8Voze399dXpyhwjcysweUsbxl8zsgTusexdVPdTM7r0CQXmCmd1+RAc+YWZn6nkec8p7Ksr7o6Ilqnh00Udo+3+KoCyKqQoTAp0IiKAMT46zm9ndzewOZvbVHY//W7OpgeVZy/92lYrN+vrN4vrK4Wr1xI4QuJiZvS6p77+jqPV31ITVq1mLoEDUr1Y0NWhrLmVmXxJ687+FmL/VzN5mZm9qNDvP6OktBOA2RVNx+XIg8MffYGZvLP9eamYvXx21z65ABGUPoKvKk4uACEr/2N/ZzB5sZmcLj32wWYh/z8xeYGavNrN/NLP/Kr9/rpl9ZVmov7HZ+G5qZmyAUSAozz+5U25zPb+TmT02teqXGy0YY38sshZByfj8YvM93CX8EeIev51aPFmX0M58b3nhPo1262G1L6/4nAjKiuCqaCGQERBBaZ8TLES/ZWY3Cz//eyErjzQzVNW18g1m9oBCVsAbf4Bn176s51ZH4CqN2Y4TeRQ0Zo9evebdVXBIBCWTE0xTP7s7qHprEkHZyECoGScDARGUzx7nzzez55nZNcNP+JTw/18/Y1qwCbIZ3mJAzT2jCr06EYGfafyHOKXzPTzLzE4JWrGJRW7qtUMhKOD/+ODXci8z+7kNISmCsqHBqGwKZsfXFL+yn6x8R49tBAERlM8eCE7Odw1/xikO7/03zxwznC8xG9y6CVn87Zll6fXlEcAUQfQLzs3HJodAUDI5+VEzO3VjAyGCsrEBqWgO5trvF0GpQGqDj4ignH5QrmpmL06Orvc3swctMHY/YGaPKUmffn2B8lSEEKhFYOsEhXXoccURnT7ds3E4f3ht53b4XCYo7yj5UXbYBFU1AoEvMrO/LcELROZJgzICvC08KoJy+lH4czP7pvCnvzGz85vZJxcYrG82s5eZ2fcVB8AFilQRQqAKgS0TlExOfqQJ3X9EVa92/1AmKG8xs6/ffTNUYyUCrLUQX0QEpRK0LT0mgvKZ0SDqJof/corjNLeEgDUmBCJ+PrVEgSpDCFQisFWCwjfxK4W005V7NGHKP1/Zp308lgkK4en4OEi2icCrzOyyIijbHJyaVomgfAal7HvCL/ieEEq8ayGlNim0Sa99DjMjFwvqyo81anDCnP/KzN63UKOoi0WWf+cqieZYeP+sJJ+bUs25iyaK8r60RD39U+N/g0qctpPUbilZo/1T2kaIORFbnKjpMzlxSNpH9Bfhtu8u/WcMh4TEfxc1MxKXMfb8O2Mph+ylf9nk5iGnTq1skaBkcvLDTUjyL9R2aE/PZYLCgeaKpS2MEdrXryu5YD5SEjbyDAkbp8rnNWkJrlAyAn+ZmZFb5l9LPhjWJk9xMLX8+B6JKOkPySVJhjdG6DeHPJJXcgCjjBeZGThMEeY/7WENAXf6TBI/tNx8U0PCWPCsy1QNyllKcMPXlO+aZJysZZAf8vswHmPkfAUn0lGQnRgfR4IwSOJJQk9MUpKCgAjKZ6YCHxQfmQubC1lix07AOZOLD5L8D3ycfRk3qQNz0Q+Z2V+3VAi5gQy0CXXg1Y6/DZegEUodk2v5O+DB76+o7BBEgSRbqOhjWvX8Orj+bpMY7afLItZW/C7a35cFFX+hnBulCwaS9923WaxI7gaZ7BPmEgTzOztwvV2JJqL/EJ4uweT4tII1i9uQbI2gZHLygzMv3esby69onCT/LgHEptO3cZIlmvmfJRMU/NXu1jyEb8ONG181yESbYAoin9LvNCkH/mdosMrvzKUfLxFNbd8nj9EHNFBEobGBR8ltjb/RZnLWIBx8cCJlzvv6RyoF1hbmKoQji2u6OECxRpCJ+Wtbnvtwmc+0sUaIoMQsQ2j5eTpegPw8s2AOrlEg9jcv69C3tdydlIsktw7Re23CGozv4Q2bsaNdbcIhEUdufAuHxpUITupzQtuFB+Tnuwfu0qrB8iieEUE5bRg5meSFPp6OdjXY8ZI3cq1w4RunJHxh2NzQcrCYYCpCYN/fmk4K/J2FkgyffBS3LITH+0BOCf4+9KHwPKcFtEhkAO0TNCbPLc/yHG2F2LCAk8iOCBmI0bUD8UKLQr4RvOyz7KL93iayoRJWTOZSl1qCQnZhFvo4HiThQwPFhoEWhUWfsYiXyrHo/X5LvyOR+OeSL4dTGuNPe6/enJy/PbzHJso4sqj1yZYICmsO5O+OpcFL5JzhIIEqn39E/3DqdmkjKPyGdookivwjuVzcEGsJClosyA7arRohfQFzbUiLxjfHs94P5hKknkhCDgJoB8in5CQW7dz1Srbe2A7mNFqN65bf/TcIFZsv2EOuWf+iOEFhvfmWRltwg7LO+DMQBEgyfekj0v481yE8aQCgc5Y+oy1CWB/4RtAWss5BGKjPyRoYEhEZc0oNXZKZm9BFUEgQCKlywgm+JOdEy0H91BPXT7RNEKOucSV6k3XC91vuc0JD7Q683JtFAk/mMaK7sgoQIiinAcEm/8dp9nIqg83vUvwDgxzx35gGsrDoMLn94yEF+CV7Gsli9BPhd8oknwv/UCmyyPI3TmxsnHxoUSBJLH5dgjkDsw2qSwSiBymKl6r5u2wChFhfORQ2FE66dvtpyv2KRsebVUNQ8jvMn+9pNt4PdQCFkzQLGWrdIYKCuRFNVJv6HlNIdCJl4eNE3CdbISiZnBB6H0P6l/jWot8B5XURlFjXHxby7H+rJShsnJyeIeOYHwhRh1iyibG5u3Yh1sU8uVaPZpYrA/ieID4IJJ/cSZmEogHl22Q+IWgTWBvaNklIBuYWl+c0JJFDhZMBTv+QIOqEbDtB8efz+xyeOLSw9vC/tI1+o7VhnkPc0Wa4sMagieHA0ya8R5/ZqBEIOWtOzjuFWYR+oLlBwJ8+cAVCFtpATh2XWhMP5OA3wnv4RKHRyd8i32cMg//NovnI7aB9rOe+10J+frWlvZgIOdxAPkVQCkAiKKcBgWo9M3xOGIQY71KcoLBos3h3CROZU5ELH3aXliNv8ENRRKg8uTjPhcULEoK6tk2eHk71aE7QzvSZhTglsBj5IsNJ6Urlb23lr91+6hxLUNAEsTn498MpDy1J1wLs/YKgsDkNEZS+8UTdzIbgpy0IIZtNnylyCwQFrNCWcbWACxsXmrWl/Kkod5cEpeY2Y8gFph00Hy5dWiO0EfhNOHGA7KI56PK5wAQUUyB0kf1MMJgrbPRoPUkgCblhs/fyhggKWbYx53YJ3zMm6KhdwQQGMWoTNno2fIT1Bu0E31SbcLiJ9zChaULDk2UKQYFEsY66lgYNDt9ql7ywaQumJBcIIvMvCtomz0jO83z/XcLhkLuqRFAKQiIopwGRN2X+to8U25gb0HZwgu9zlsobDqpPfBLaZOwGzwaI/0q0KbPAtWlEcuQTC96Nej5A/8k/RP//3GvEpr/r9nt9YwgKiy4X30WTTdvC1NYXNhBMbF0EhYUJrIduCOZEBvYuX95iooz175ugtJETbx9klVP3EqH8lLk1gkKbIPzR1wHfDkxMOZoPrQEbrstQJl02VMpyweSH9idLJihoMTGPZEGDgiYIAoIPikt+f4ig8B514GvlwjrUdks4mgOImPvccfjC3NEnrE/+/UG2WKs+kF6YQlD4NvlGXSCKzM8uAcMnhx/btO5oltw3jXnwYz3lsfZCFnmmaz0fgOa4fhZBOW08f6pFW4LdsM0/YgszIG+onEo93j+3byxB4f2nFjONl9WVnv/XilnDn8PEEdWjXVhhnnLfFJ5hkblwh2Pvmu339o0hKJwEsUe7jPFVgoDi1NxFUGrnFmYCzJIuYIe5rkv2SVDYgDCD4DuFYB5wnx1vL7/HSwZrcWh7bosEBf8hzD/RV6Xt0lBOz9HESkRYdgTNfWZjjresYwbJh5sxBAPfFrQYUdsx5n1vnyem9P/fZc5DWxzvvapZdzGnRA0OTrpoqaKMJShouDAtQfYRNJP+313zEf+y6EzNN8i36MJhJpLQfbgNzPmW9v6uCMppQ4CHfWa2Q6aQfQ7emA11ygbP/Scx/0uXypGPODrYkdSOE1iN4PTHbc8uMbIgvr9m+72eMXiSBRgvexfU4kRR1AjfG5oPHF+7TGY15WSCghmAMrtkXwQF0wQnacgJGhI2H4gpBC+vPW2bTA0W+ZktEhTaiEkQE64Lc4a5EwXTHeZUBJ8H/DiGciZhSkED5YImEo1klCkEY+77ELDoCP7EkCk4lp1JGb419KlPiADkm3Vp00yMJSiYVfGpcfnTdAhoaw8HreybAvmO2kD8+9wcy38T4Zi1PQPdPbk/i6CcNvb4mqBFibLlpFFjNtQpG3zNhgYZwQbvUrug+vMs0EQQuHQ5ma3V/jjWY/DM4ehztSFTVp9DISjeN8J8scN7XopMgHkO505MZUMagyG8tkpQ8nzHHykSFswUMV8KZCVH17T1PRMfwt3RgEbZB0HJETVdBIUDDeYulz7/K38G8ztrlAtRYWhsoowlKGh/0Qi7QJzQHA8JvjsxJQT+YPE+r+ynQiQQjrJ/MlSwfv/sU8xJxQT1sucFcAxqvb7XwIyIGE4SePQz4clVgH3SCSUOppyaXfqiTtba4HHSxV7swofXlguhC5+YhppncIqLfhX+3lrtj+2qJSicjrIjLGOET8qSQrisJ/1ik+IkHXNs4IQYN6+talDABBs+mjLU5y70BSfNePLnN8gJdn9y5UyVrRIUNiU2aRciVEjs50IIOad2F8wsaJuGxC+59OfYmGM9/H2rBAUTCE7y8aAMMRvSGhG5RAi/C34gaHmjjCUorPcPCAXwnbdFUebxIBQ8th/fmHhww4EX37wsry3jBBHKeXqGxvzE/C4NymlDzSk4e5jXhG8uPVHwUSC9PovVGNkHQUElj7Ocy9h7SXCgi7c6s8mz2WfZEkGBLGb7fk0Ya+1YkuOEk3abo2NfGVslKGhFyG/RFt2EgycJA7OWAF8C5tZU2SpB4TQeHR+JXIqaA3w/njW10+G9NtP0VgkK5ConmJsCQZvT7liCQhZjEgbOlbYQ9ayRjnVAxiDrhB5DVpZyFp/bj028L4Jy2jCwUGTfCeygaDF2JahEsc27AyELGKpw8iDw3yz2Hkpae+Kn7Wtt8DjmxmyrbDaEjNZKdjblFMFmn2Wt9sd6avHEAS77ehCSWJN6ewiXfIIjVPtRRbOEyhhVssuhmHg4gbIJdck1G00ROUhysq+hMPs+LLdKUPJ8h+ji0OqC0ydmTpcuwj40j9p+3ypBwbk3+2MsRfjHEpScjZhEbe7YPQXz/A5+a4SEkzK/S9AykueI1A2SFke1kwwKoW5xgySNNJvPLlLdY8LBROLhaIQOkuiJELU2qd1QeXetDZ4kVDHh0FDCuNyPfKLE/u7J3uKza7U/1lGLZ/YToIxsc57yDZH3geR7LjgXsqF1pc8+FoLSNj/5G6dI8ul05cLow3irBCVrHCG60UybvwcOTPh5LSFbJShtGbz5xlgL58pYgkKUEU7cLqxtmOWWFEybmHzQHuNEzLrfJgQooEk/8SINymemANqAmESKX3Z1WWDe7IeunK/dUNs2gJropBon2aySrklaFT+47JSGTRYTV5YtERQIa46+wR+o696j2gUmh2vjg9J2x5KXd0wEBe0JDqMx4RX9ZJNiPoy5FJH3tkpQssYxh6cTfYM2yQXTx9DdTrXza6sEpc2nC7+cnEG2tp/xubEEJeeqwdzmCdam1D/0Do61aM0xz6NJjHsxBxP88XLSt6Eyj+53EZTPDGm+/ZJflvZDgQRhe8/ZCXNc/xAx2gJByUna2LjJeVErnrTMn2dxjtlx/e9bIih8L2jW4smHNseNpbb/8bmYy6JGc3dMBAUcOElDUKPJg78TocJJc4wWc6sEJW+AOWoNUpo3JObZf0yZUOmdrRIUmsl897T+/P+2/DBTIBhLUHLqepy7PaPvlPrHvIMrAf5JMe9Km+PvmDKP4lkRlNMPI9lSo98JJhZUjkOXe9VOBsxIfJAxmQ/v4r0fHWMhMV13uvD8FggKJwB8L+JNnxCU2vweJJaLdx2RiybmNtgiQaFN+ASR1t6FNtP2qYIGgeRlHqWDNsavAegq89gICv0kogdnwXwjMJEV5L2ola0SlJz3J6e7J1KLtSGmxMf0h6ZlrmyZoBB6zuHQhdQDMYR4at/HEpSswWLNR2M6FFE0tX35PVL44/foezIXFPrt0kvVcXDliKCcfshw8vyLtEhyWRQ5UeaK21u568EvxfIyYetoTVzaskHG+rdAUGhPTrkOyWIDrxHUuCQtcsE2G9N8+9+3pEGhTTi6xQRbXaapGgx4hlNyDKvN2SjbyjlGgkI/s1aNv6HuZvPIl3l24Zu/JRzgh+76mXpZYK1ZExJKyHA02bTl+2BtIHusC8Qshr7Wzqn83JYJSvb9WCo4YSxBIVw45i8BQ7I1x9DvKfjjHEvwQ40jPWZdN3MvaeKb0u5NvCOC8tnDQEbZeCKGQfOBxwuqpgwedkYyPLZtaCTtuUYodOgOiK0QFLzc43UAQ3dNeBezsykRDfyt7fberREUTjWQiBh50pa9c8wcIReEn5whK2Se7DNrHCtBYT16dosJlM2dhTvmUunCN2u4akjz2gQlJy0jQivngKE/OaM1mxTzbW4o7pYJiq+LcTy77v4a801lglJz+SvjQo4hF+bS2JQPuY1822jLuM5hSPB7wbcPkQZFUTyd84VrupngLqheuchrDklx4tNm22STjyFtQ2rtrRAUkiWRWZXTB0LqeyJxhuzmub996eK3RlDoZ7zBmf/PxonZJyZoGlqM4u/kkIk5YIbSfR8rQQETzIScJGOOEP5OlBMYs+D3Sfbnassymt9fk6BAZNEKxI2vS1tIki/CiyP5JVcQp/A5poYtExT6yncTxxtNEm0madtUIXFbvBeM/8Yxv09yMj2e7csxVdM25iuH0qgh73qPVA1EbyJrO+nWtH3vz0iD0j4E4IIdlNtEXdh0Ubli8sFnoFYw10A48LfgY2Shxd4YJYcYog5Eo/Lq9BxaBogM5IkEWC77SNTmdedoHu6qISqpS0hGRipuX4TpI7b2Nu0JZWyRoGCue10KSyfaBPs5/e+bH8ytfAttVnNTNlEteYHGMZmsx7dMF+5tNVHbUB6UrjnCYs5pNl6ux7M15tYcLcPGTtgmF9LlTZ4QcZxTyTcUQ37bkm1RP35XMR/NkImHOU6bOUG7ELF1u57v49TGFwWHzSiYCPgbp+ouQQPHgaHNB2zLBIX+tGVbhbSzZjIP+oS7i9rSMeQ+s6ZiPuvTwoEh9eWM1qz7jxjwr8OHiG87H85cO4oWjWi1LuFQEm+M59JI/JZOtIig9A8/WhNUczGFO/k6yFxIrgo217yxkoYZFswiSy4LPpR4ImIS8rcohNuRFyGeIpjYqBj5oFh4cKzlA8Mmjxo8hsDtk6DQDzYArir3+YTJisRjfOyeywMNAXkG2GAdjzcXzVSfj8AWCQp9xuRA9uF4kyx/ZyGk35yEUc3TV5zt+Mf44udEnpvoh3SxcsqKDqJs7jiNUh6+C4RfkuQJ0kLOmah6PjaCAo5t10/wdwjuM3s+WxLDQRxyiC5aUByQISk8w+9+MR+ZbuN9KrUEBdMT3x5rAv8NeSGHCwQWMy0J5yDfLny35MCIJCd3hXbw3LXSD3xHrB30gTWBeYW2iQMQmhfWBxL73acFm60TFJrcdqM8f8dXDc0CkW5gi/mTPqOp9RvQo5Otdx8cCTSIkYVoeNFIQeIYf8xnEMLoN8ff0FBmDR5Os/ydtYpyWLPRHPP9M194D6KVI/qcoDDvSAbHP/rjZJm5eEo5EHtSQ9YV9o4TLyIow1OAiYjGgoWIjSQKfgJsQmwaPMcE4wNqw5UFho+NE9QjW6rlI4Nh+82XbS1j02OTJ0dEzL3BiR3NDMSARYqPCQdUyuS0Fk8EPENKZT4SVI9+2sdZk02XDRRVaMwKS7gnYXA4EHdd5oYmheRCMbkUCwqnGzZniJsLpA5NA8Sm7b4LFt81289Jye8zgjhxV0xUwaKSx2EX0kh/MWO1JU3jBM4CxwVtMfqib1YxdjiDxrTnviFzyu/7Jlkg71ic9zBDujAHITPcjcQ9LMxFCBB9g7yw2EVC9NKy2NI//qFS70oK19cXiDibH3Xwj/8f70jh+6Bs5ioY8r/0ofbG66eUxTu2gfnKwcDnL8/ku3sIVYXEeFbmtj5AEiACnIz5tqNWg6zG4InPWLxAjnn5sKLBOs/w0vH/T0AyeY9/NaYaiCo+E9zwHb+brirBmfnKJXqQfhc2cIgSGydaNxfGAVMY64n/a7uOgE0agnWjMsfj+8w/THGMhWtt+Ab4blk7GIN4iOI7wtyGYz1j16YxxSyD5jqHm3f1m/UU03mbcz3vZG1aLoc24Aibb0+GeGCGZl2o2SOZS08ql85mfyE0KmhX8hxmXWScIbNeB+MIrmjcxmjpR0zFw3q0BvzD6tG6rUWDwcmGzYyPH/bM5gtbZ7LzkUMOYNg4frIZsWC8MX3IXa1kQeAERB18pGzweJZDDLhwCmLBAsdCyaKcJz7lslHA2muSh7Eo+wJMvTi5Dgl1ti1mvEfIMR81TqOQIj50SBsfKR8kixSnFfoRb27NdXIiXLP9jN/Qle6xTSy6jGGXQMpYjFHTgj8nc4gm/WbBYhNgUYboUW/XJoXjJBFj+CtwwuPUz2kZzPB78TbnzLPeLuYKpCk7ZQ6NKafRvvHoej+nBx+qh99J5c29JzVCfgzChnNYfs3YcJiAAGMqBRPGgu+RsFYiM9jUPH1AzlHi5XeZqFg3GWfGi7nECRoMOa1D9Bk3Di1soNxmy9h1ZYXuw4HvB/ILCWQOMq8ggHz7jDUHDLR1mAKy6SKbo/rqgQjly1J5Hk0f5sg+iSbdtlxSbe/25Q6CVGLyZtwgV76GsGGDIespJActA/0fEsrim7pkOUSwNqOBhIBias6p9mN5kHpMLXzXrEl8k+AKIQMb5ibl0JauCy5ZByBB9IU2oGlhPjK3Wd8pi0MCB0xyn+SrNIb6d9S/i6Ac9fCqc0JACAgBISAEDhMBEZTDHDe1WggIASEgBITAUSMggnLUw6vOCQEhIASEgBA4TAREUA5z3NRqISAEhIAQEAJHjYAIylEPrzonBISAEBACQuAwERBBOcxxU6uFgBAQAkJACBw1AiIoRz286pwQEAJCQAgIgcNEQATlMMdNrRYCQkAICAEhcNQIiKAc9fCqc0JACAgBISAEDhMBEZTDHDe1WggIASEgBITAUSMggnLUw6vOCQEhIASEgBA4TAREUA5z3NRqISAEhIAQEAJHjYAIylEPrzonBISAEBACQuAwERBBOcxxU6uFgBAQAkJACBw1AiIoRz286pwQEAJCQAgIgcNEQATlMMdNrRYCQkAICAEhcNQIiKAc9fCqc0JACAgBISAEDhMBEZTDHDe1WggIASEgBITAUSMggnLUw6vOCQEhIASEgBA4TAREUA5z3NRqISAEhIAQEAJHjYAIylEPrzonBISAEBACQuAwERBBOcxxU6uFgBAQAoeCwDnM7O49jX2Bmf3ZoXRG7dwdAiIou8NaNQkBISAETiICX2FmzzWzi5rZF7YA8KNmdupJBEZ97kdABEUzRAgIASEgBHaBAPvN+czsnmb2A6FCEZRdoH+AdYig7HfQnmBmt5/YhE+Y2cfM7CNm9l4ze5eZ/bmZ/aGZfXBimXpNCGwFgXea2deNaAzfw7+b2YfN7G1m9joze6GZvdTM/ndEOSf50XOaGWvSNczsDc06cgcze8sKgPyQmf28CMoKyB5ZkSIo+x3QS5nZ1czswmZ2oUYNelkzO9sCTXq+md3fzP56gbJUhBDYBwLXNTO+D74Lvg++jTNOaMj7zexBZeMVUekH8CkNITklPPLWYpaZAHvvKyIoSyN6pOWJoGxrYH/RzO4SmoR25DItTTxTY7M9S1GX8vtNzOwC6blPmtn3mdlvbKuLao0QmITAG83sYuHNPw5mgi8ws7OW7wEic0sz+5pUy4sawn6jxrzw0Um1n4yX/tbMzp26+uVm9g8Ld18EZWFAj7U4EZRtjWwmKP9WqVH53KKO5f3PD136bzO7opm9alvdVGuEwGgEMkF5diHmbQXxPdytccj82aR1ebGZfVujXfzU6NpPxgt/Usw73tt/LITlfxbuvgjKwoAea3EiKNsa2akExXtxRzP7ldQlfFJQl58E8YXv6mbGZrRr2Xf9u+7vLusbQ1D6voc7mdnjdtnwA6rrImb2+8X3518aX57vNDNCgJcWEZSlET3S8kRQtjWwcwkK44mD7FeGbqFF+dLiQLit3i7fmjcXm/m+CMq+618e0e2UOIWg8D3g7BlNQ/ikfO12urW5lqB9wjz2ITPTLlb+AAAgAElEQVT7r5VaJ4KyErDHVqwIyrZGdC5BoTe/Y2bfkbp1ybJQb6u3y7bmqmb2klLkPgjKvutfFs3tlTaFoNCL+5nZT6fuXMLMKE+yHwR+sDFd/0KoWmHG+xmHzdcqgrKtIVqCoDyyJWsjkUKEWx6z/JaZ3WqPBGXf9R/z2NK3qQTl2iX0PuLzvY0W5VePHbAN9++ujVb30SIoGx6hjTRNBGUjA1GasQRBacutgoob88OxCiasvzEzojmQXWtQ9l3/sY5r7NdUgkKU26sTQPcxs4edBNA22sfsKycNykYHat/NEkHZ9wicvv4lCEr2xCd5FXdhjI1cIIyZCCDs0WzAzJV/Lj4u3JtBCPQcWbL8+zbRGj8TGjOWoNA/+np+M/tiMyNEm75Cet5hZu8xs75Ihrn19+F43sbh91tKdNbjOx48c/G94dmzl3/kDCEKjAR+f9lo1XB6nCOMP0SXMN5zlYL+romkee2OzIdTCQrp1TM5/6kmedtPTASjZjy86M9rnE4vZ2YXLN8Qad4Zh783s1eaGWG9xyjnMbMrlHnCfPzPsl4wX0j89k2NI+5vho6PIShgStnkxvmykoTvX4uGDSK6pN8M5JZ1gaSBf3SMA7X1PomgbGuE5hIUckGw+LFhuTwm5VYZ6jHmoB8Pm2Lb8zjeYjLCtj82Wmap8snPcJvyj4ReQ0IkExFNUXCWJBT1Zk0yLxa+LvmP8twDwwNT62dj+saWip7ZLLLfXv7Od8l/Y6u/cvkbmVFzP29nZmgDyIGDc2OXQLie1mwSP9KR04JyX9PxMhvMD5cw9uh8HR9/d9nwnzw0CDN+n0pQ2AzJsBwFXB9V/rDkeHgdEF0SJd685Gfp6vabmt8fXnIVtR0g+Lb4XobkwcXXJj8HIWCedglEns33Ax0PsJbkvChdZfH9MB/vYWZEA/UJCfPi3lNDUDhksS6ReftLOgrn0EQUI4cVSEsUckdBlNqEkHTWXuSLzOz7S44dz2SM2RzHXsmOERBB2THgA9XNJShkzOQjdiGPAQ6yLFRDQv4UPm4WGRdShpOVlgUM8wlZPW/YfMykxHb5tcbjH5Xt0Mll6fIf2iw49x7qVPg9ExRIAiGUaEwQNCXPK9cG0FY2fd7hNIg8sWzSXuTU+ln0IB3Uf+fQPjYjNowblAUWR84obQQltgGND7lByP6J5oeMxJTnpIey2Iw4Ef5TKpuxvVYhpZA+15DwGGV9VSXOTy9+QBDYpWUqQYEkPCM15hbhb0uOB9WwueFf4YSXb/A5ZX5BFJlP1yvfkjeLPEUkkcsaFcjBt5oZPjOkn4+CKRfN2OuLBgsSnYX3L96Q068vGWKvVDQO9yoHC0gpmkG0TJDUSxcS6/tCLUGBuPLtRALNmkPIMlFT1IH2CGLBXTzfkObUEEFBC0X5Pi8hH79bNGNnKBoZklU6SYcwgzHrV5TLl++O75rfXX6yZBvmxmW0oWhmooigLP01V5YnglIJ1I4em0pQGEcy0HIq9DFFvc9HWHONOe/8Xlkk6SoLCh8r2pecHpyF5hHNYko+CRcWIhbYrlTia5fPyf3WoT1DJh5ICRs5t6wiLPaQhUyyWPzAlN8yQYlTYmz9/m7EC4LEWH1PKJgxZNFFM9ZHUNgQ0Y60kUS0H4yXC3OME2OXMA9uHH6EoD6rmCQgNpgoaA/El0zF5MqI8usNybvtCt/LVILyc+Vyuog5487mm2XueKA9QCPi8qTyHXFnVha+H8bCicz7ijkok0feg9Sw6TIfXTgUdJn82uBnbkFOh/IiQS69nhqCgoYGouREHgwxoXFY6iKqY8KM0cb8VcmcTb8g8hDMjBNRdH8QbkvGlAQhacMekymZhV0gkJA5TEcI6x8kCDM05F0EZYUPuqZIEZQalHb3TC1B4YTPJsvpj0WHTY3Tj4unAefEXCOQG1dx8jxamOjT0VZGDmdmI4yhg/GdtcsfSxDYoF3Fj48Oi1OX+pcFGA0SVwZweVqbjK3fy8iEDl8JtBAswhASFkm0LS8fICickjEXtAlzhcXcNUWkLae/XWQyExTmFX4mXYLGjY04yvWL5q1m7tU+M4Wg0Hf8h6IG6C/Kibut3jnjAU6U7Zmc8VngpN53/w8k5bGhIX3ZcZ9aUvj74+CRtWxdWKKx8DFsM3XG98YSFDZ3tKoumH0fMDCotQQFco55zokDuVnQ9vDNtgnrFsTIpUszkwkKYwRheW4xXUNuWA+8PBGU2q904edEUBYGdGZxmaCMKQ7Wzwf2kLJQ1r6LvwpqfHwNEDYwfDM+PlAAiz4OmB45wy2y/C2rmtcun2aOJQj4e+B3grAAovruE0KIMaGgVWqTsfV7GXHzYvHtMqWw2UGUsg/KdxWzzNCN2NnPou9+lbEEhb6gXcIM4dJHAmrnZX5uCkHJGxZl9m3Qc8aD0/t1QqNxJh66rJP1FyIaiQZzMfvMUCybNLhGwfzzpxWAYrpF4/L24h/SR5rGEBTMTjjlu6AFwiF4yNxbS1DQAGPaccE0hUasS/h+4k3uHNBoT5ZMUH47aWD9eTQoEFy+f/mgVEy0pR8RQVka0XnlzSEoXjOLAw6s2GjxD2mzTcdWoo6POSH477jZ9PUI0w6nZRc0DGxWuyyfusYSBPC5Smlk1yI2ZiTH1u9lx40CkvjVHZWygXGHTLyifkz70KixmbkQAcFm1SZTCAp+BZggoiwd2j6GoLCuYW7BATo6DzNOkLoumToe9B+y7uspmxqOsjVyz7Tp9rXxFYlM92lcvG40Z8wtNtvoDNrVtjEEJWt18N/AL2pIagkKvkP4ELngS4N2o0/QdsbvCP+Y7NuTCQoEBN+rNsG3hcMfmiLJjhEQQdkx4APV1d5mzLjhC4LHObZf7LRsYJh74oKMah/fhL4bjTEpREfKMUms0Cig/nSJkSj+t7XLp56xBIGFHZ8ZF3wu5ixAY+v3ems3xLmzNBMU1OT44LTJFIJCOWgLopmRuRGTcc3tQx9BwayCAyaOzZjE0CjRxyj40ZwycLqfOh7ZhMn3Fn2J+vqOLw9aFBe+2eyk6b9lh182TjQEmRzG+jwpGmYRNAxDtznXEhT8VCiTdcilNmN1LUEBC1IAIBy80MYOpUt4mZl9c2gTifryfUJjCMrceav3ZyAggjIDvBVerfVB6aqaUxsqUDdf+HOcvDlRtgle9vFqepzN+MhrhMiPmB+A04s7y/n7a5dPPWMJQlb9Y2/mJMslclMiUMbW79hM3RBrxiY+swuCAnY4zbqgvYsRYWPbnJ/PBKW2PBw9SXePI/SQTB0PCEnUzOCDkdPrd9WNiRQtZzxY4FvWRjp4BmfqqJ3p+7ap03HDPww/sSGpJSiZWH2ikJWam49rCApm5veGxvYRt9inbGrj2g80PVFEUIZmwUZ+F0HZyECUZswlKN4bHEBzpAanPKJyonAiySYgFj9U1DXC6S2bCjhRucPp2uV7G8cSBE6SOKS646iXgx8IDp84AI/JvDu2fq9v6oaYxwZ/B/J9sLFx+gb3mNcFv4Z4Kl9Dg5JNFZjRanJ41MyzuNEOPc8GyZwk8gMTJJqTIZ+IueOBb4g7clLWGC0kz2OCiTlm8L1go22TfI8NkV6YNNo0I+CPwzWYkCIAM9SQ1BIUouZi3htML5hgaqSGoBCJF/1r6AMh20NCeL37xfFsm9lZBGUIxY38LoKykYEozViKoPCBcnJC5e2CEytZMFnQXFgUWRyj9DlQZrQI12RTj8LfPO/K2uV7vVMIAmYdkpeRcbVNyC/ByZiw2bbQz/jOlPp5fy5BwTRHtFWbI2DfzF6DoKA9QYvi0hYWPedryxoUj1TzMiEhmByY3zWn+La2TB0PCFEcA0xJzK1aIV8HBMKF0O2ndLyMLwmOoDFZGWacX2p5njJoC87z0aTZ165aghIj4SiPSDP36xrqdw1BwfcDcjlXmJdZeyaCMhfVHb0vgrIjoCurWYqgUB2pvElAFAVHMBzCXHCWzL4ILHxdYXy5GzwL8YmCP4wnSFq7fK93KkFA64Dquy2zq5eNNoh7Wwhf7LJ/T61/6oZI28hqG8M5caBEc0ZOCswaMWx6FyaefKJewvk4zqsxTrKVn9tnPTZ1PHDCjBlXx/o0kTAtRmiR7I3Imy7JuV343iCdsf0eHo9/zjUbvwzmQI3UEpR8SzR+Hvh71EgNQWGtiunw6eNQhtqaunlGBKUWqT0/J4Ky5wFI1S9JUNpucWUDQ0XsgkYlm3NwSqu9twWzAWHJUSiTcENk7fK93qkEwd+HoLAg4oToydvyzMCxFt+ettP51Pqnbog4Q8cEfJgy2BS7NAe7ICiYNWIEFxoo8m8sJVsmKPhK4DPhwjwiiq5WyGETzSNE1qG56xJ8xvBRiWa8HD7tflaYKomoqpVagkIqfxKyuSxNUEjGFrVQYyKjhvoqgjKE0EZ+F0HZyECUZixJUNpucc3x/thr850VLH4xl0AfQtmRjWcp081Ia5fvbZtKEHLf+B7w18C5E40A93dEISIqZmWdW/9UgoIDaowSGcq5sQuCklX+a/ug1ITYjv26p44HSdAiGcNhdsy9RGy+kHkXzBv0r09yosSYIZYIGwgMDutD2phcRy1ByVoQCLPfGzWEe40GJR+wWKe4j2cJEUFZAsUdlCGCsgOQR1SxJEHxDKSx+l9O978QFcAFWzFUEFVzDHvsaz6ppDEpuOBwi43cF/q1y59LEPr6BlEjRDqaf9qilChjKkGauiHGXA+MH6a2vuRbuyAomMFIpBXHpC/nyIjP4tOPblmDkiNH2IBj+P1QX3FwJWWAC6bHnJQtl5G/PcYfMw+mEPxNIDhs6jjQDuVCimXXEpTvTloetEjkg6mRGoIC6eaOoihgNKYvXW0RQakZpQ08I4KygUEITViSoNyyJbwOv5SolqXqnDfgpuVenhpkbpV8WvCDiDkIdlH+HIIw1Ec0QCz48fI8TqX59tddEhRIHyGdrt4n7DQ6WLb1aRcEBZMGc8cl3hg8hHPN71smKIQU45PhMiY1enYkhyAQXdZ19ULEKn+7OMriMIs2BQ3Eqc1dNKR7HyO1BIUL/IiUcoEg0e6hPCs8X0NQiESDfMf7hzBtkhV5roigzEVwR++LoOwI6MpqliQoJMlisYrSdolevpUX58vsXNvV/BzO3LYgrl0+bRtLEMjfwomvK5tq7C8mnZg/AlU+/hVRxtYfF3X/775MsrEuTpFxE6APOCP3ydoEhXUEx9wYyjx0h0/lJ/H/j22ZoJDiPoYFv6Q4Ytb0Eb8mEhy6oDVAO1IjEMLo68K8ILSYMvBHIoov5hKpKbOWoGD+hEBEP5jaw00NQaGt2Ten5p6fmj6KoNSgtIFnRFA2MAihCUsRFE4y2LWjzRZnVvJ/5ERkeMbH9NE1d9PQZOYOkRoxaRQp2dlIoqxdPnVlgkBW3XhHSB5lNmwcgdEyDUnOO1GjQRmq3+ucauKJmwibEuO9TxMP4aX4nLiQVRYV/ZKyZYLCKR/HcL9L6ZMlA2qNNoGrJeLtz10hw21Yok2DoJL/xgX/Mcw6hOjmhI0141FLUCgrX3XB/48XB3bVV0tQHmxmPxYKwWRFX7PfXE2/4jMiKGMR29PzIih7Ar6j2qUIChEA2IijtCUs8t+fXy5R8//PCS7bf3OTya8QczW8sIksQTPRJmuXny+rG0qUBUFhU0W9ziWAfUKmTr8ojGcx9+RombH1e31TCQqEMoZcDmX/XVuDkn0wMP3hxLmkbJmg0E/8b/DDcSFx3cMHAIDsYqLzXDyQZpxl0UzUSnZO9vfatKU1ZY4hKG25SmpCrGsJChogTKwxyy6O/qxtQynv+/oqglIzEzbwjAjKBgYhNGEuQWHzxA4d79aheFTIhO11nbJZKN8QMqvy3/iSdOVDwecBf5NzlrbzHKaPLnXy2uVjksK/xgU7NZt2VwZR37C5+Tme0PJsIOSaME33QcFs1naj8dj65xIUxvjOobE4NaO1yQnlcPAlgzCaophdc8lEbXmzqT1Fj/3ytk5QMHWgfcQ3A4Fk8A1lc6D3G8d0tHw4xLqMDU/mPUx+aE3wl3KZE+I9hqBQH33gVmMXnFiZm11h0mctFwrG+YufDObhNuHvRM9F4b4o/tZ3BxFaLerKeZooRwRl7Ne3p+dFUPYEfEe1bZcFxhTa+TUcyViYyKHAhszpJW5EPE/q9jtV3DHDIoNa2NO/kxab20nZcNxhj42a8Fs2ZH+OkGII0VAiqDXLZyPOznMs0rQdbQe+EZAq8GHjiBoF8jegJcFE4RECYMjtvyTE8vwUmMzQLLVpXMbW7+M4VYNCXgtCW6P9n3F4USGVmPYgjEQiQVognJyoXcYQFPLDoB3L+W4og02Ci/lc2KC53XquCr7t89g6QaHN4M3dVH5RIXONbwUTpOPHN3sDM8N84dlnmQf3KbcvT1mRcgRVn7Z0qPyxBIXDB+n0cwQP5IF5QxI7/FVYOzDPEMZP8rgoaJ/41tqEd4lIytpZvmt8fdBA4b+FluXsRSuK5gW/LHzkwDWLCMrQLNjI7yIo+x0ITlg42LGg8Y8PK3+8U1uIhoPIAhaPWrl40cBAdlz8Dgw27XhK43dOT6iYh65A97LWLD/nhch9hliQt+Vjzb0p2eTEs6iMeYb/hdDEzR/yQsgsFx92SW39EDtIJ2SHZFoukCMWVFTa/APTttOfP49mBI1O3zcMEbtjIVuPD3VBICAz4BCTq/FIvs3YXyNyCJ8KyCobQQyLZVMj8+m9C761863vOZxsuZMGvyb+YdKKqn60Y2yC/IM88r+E5pJyfYyQmG+J8fA6wQbHauZLjEABc9qM1jH2g7HGHASZnir4nNB/1g7mMP//45WFoSWEhLP+gDEaMZ9TlMGhiWzT/EOb2EY+8b3Bl4aMtUPCfTrPS343fHNEBEFoMIvF6zgoj2+RTM6sNTElQlddED7qYD7GO7UgLYw1BDH6n0FyyFrr3x7/W4vfUH/1+wwERFBmgLfAq9wREU+gY4uEPLDhYmIhioKTMmmznzPiwr+2OokEwNkNosJix4mcTQgbOc6AnFy432MoV0NXf9Yon8WZkxgbA6c5NgNOVjhscqrFzOW2fZ6FHBK2yEYIMeT0686m4Mmmhx8O2SxrSF5t/Wh6+lLrO2a0N5vqMp70gVuqOZUyRvSPPtNecrj4rdQ586yXw5yJKdrbCMpji18EGLH5ojZ30gpGaKC4LRaH6SWFKwhi1uOasqckb1tyPGIb0dhhVkVzCHYQATZaviHuqiKxGRsyxGSOP4XXyRUW+P4QNYfms1ayf1Lfe0NzEi0dc5Z1A+JHfh6IN/d18R3SV8aIg06+A8zrbXO099/QwnA7MRoQngNT5iPEmbmMVpGDGZFNuXw0MTWh29QFEYKYSfaMgAjKngdA1QuBjSGQNShtUUsba7KaIwSEwDEiIIJyjKOqPgmB6QhkgoK/S1STTy9ZbwoBISAERiAggjICLD0qBE4AApmgjLn64ATAoy4KASGwKwREUHaFtOoRAoeBQCYoS2eEPQwU1EohIAT2joAIyt6HQA0QAptCQARlU8OhxgiBk4uACMrJHXv1XAi0ISCConkhBITAJhAQQdnEMKgRQmAzCIigbGYo1BAhcLIREEE52eOv3guBjIAIiuaEEBACm0BABGUTw6BGCIG9IkB2U5Lnkd2WRHdcouhCtlkS1pFdk5tzXz1wc/JeO6LKhYAQOB4ERFCOZyzVEyEwFQHuK+HixBrhLhmlAa9BSs8IASEwCwERlFnw6WUhIASEgBAQAkJgDQREUNZAVWUKASEgBISAEBACsxAQQZkFn14WAkJACAgBISAE1kBABGUNVFWmEBACQkAICAEhMAsBEZRZ8OllISAEhIAQEAJCYA0ERFDWQFVlCgEhIASEgBAQArMQEEGZBZ9eFgJCQAgIASEgBNZAQARlDVRVphAQAkJACAgBITALARGUWfDpZSEgBISAEBACQmANBERQ1kBVZQoBISAEhIAQEAKzEBBBmQWfXhYCQkAICAEhIATWQEAEZQ1UVaYQEAJCQAgIASEwCwERlFnw6WUhIASEgBAQAkJgDQREUNZAVWUKASEgBISAEBACsxAQQZkFn14WAkJACAgBISAE1kBABGUNVFWmEBACQkAICAEhMAsBEZRZ8OnlA0bgEmZ2LTN7+AH3QU0/fgR+1MyeZ2ZvPv6uqodC4PQIiKBoRpw0BL7QzB5iZncxs983s5ucNADU34NCgDl6bTN7pJndz8w+flCtV2OFwAwERFBmgKdXDw6BbzSz3zSzC5rZe83sdmb24pG9+AIzu6qZXcXMLmVm5zWzrzCzs5jZGc3sk2UT+Tcz+3sz+zsze7eZvdPM3tIQotea2b+MrLPrcbRAr08/0r/vnln+E8zs9hPL+ISZfczMPlIwflezwf65mf2hmX1wYpldr53DzK5pZozrJc3sa8zsy83szGZ2BjOjLf9Z8P4HM/tQGYd3mNmbzOwN5fdc/tj+U8+ZevrGHHlPRd//yMyuk577VjN7UvPvPGX+3MbM/rqiLD0iBA4eARGUgx9CdaASAcjIYwuJYLM8xcz+vfJdHrtw8/w9zOw7G7PQWVve+x8z+3DZqNDS9Mn7zOwCzYn4v0fU3/bow8zsXukHyMG5zeyjM8qGeF2t9PlCZnZZMzvbjPL81eeb2f0X2GDZtH/QzK5XiEhu2n+VsWWcII1d8ikze4aZfUd64NKl/xcxM/6Bx5eEZ/63EM23NvPhbYXsUE6XQF4gFpdrzDWXN7PLhAchSW8s/15qZi9vKQTsn1bIGBqU723G5ncWGA8VIQQ2jYAIyqaHR41bCIEHmNkDS1m/29jzb9lslGxONfJFDel4aKMN+YG0Gb6m2bifa2YvKJsUWhFICvL5jabm68rGhrblpoU0xPoo9z9qGtDxDN8uRAetQRbI2K/NKDu/+ovFJOZ/RzsSN1n/OxsxmqTzld8xn0HEoqBh+j4z+40J7UMT8biyUfvrYM4YoH34k2bzfr+Zob1ygSx+fRkLfI4gNWDv8ldmdoWBtuT+U/4UwsaYoZ2BYCD3abQ9kMwa+Twze2ZD7m5UHr6n/KdqYNMzh4yACMohj57aXoMAmwA+J8irzOzKxQxT8y4bIqf+i4aHMdXcuzEpQHRqhe/s+mb2E+UUzXtscHEjrS3Ln0PDgXmKDR/TBW11eZGZXWNsgT3PT92gP7cx69zBzHgf0uaC5uiKZTxqm4kpBy3FF4cX/rQxJf1I0WbUloP5hzYxhl9V3kVj0idT+x/LzOSE+n+2ttHlOQjgn5mZt/fuZvbokWXocSFwMAiIoBzMUKmhExC4YbOYP7vRnjDP2cgvVnwQaor66uI7wf+6vNLMrltMOTVl5GcwN2CC4TT8ZWb2T1MKKe+gSUATQf/wSXANET9jgoCwoE1YQuZu0Hds/HR+JTUEMxtY1gjkhEiWSHJ+uWh16OsUgcChccEX5eIDBcztP/Pv8cGvB7Pcz01pdDG7YRJiDqEFxGfljyeWpdeEwKYREEHZ9PCocTMQwFkSp9SzlzIek8wUfUWzEUJGohmDjYxTP+aNOUI5mBw4vaP5mCIQHZxv6Rv+E2iG0OxEIeLjwVMKb3lniQ0aB9mvDGWjRfnSCj8gzEU4FkfNya83Dri3ndk3CCKOszjM4mfTJ3P6n8kJYcOnzmy7k1OK+cei4fvnmWXqdSGwOQREUDY3JGrQQgj8lpndqpSFYyE+IbWEAEfOn0rtwJfkZQu07anFBwYNBz4kUwTfjmcVbcy5ii8LkTLfFAp7ezltTyk/vzNng/aycOrMzqhE3uAk2idoOaK5ig0Zh+V/XaBjRFnhBwQJWoOgsL5CJjApIUv5jeB3BLEiogzB3wi/I4kQOCoERFCOajjVmYIAGx+nbp/fOCZiDqmRc5aw4Bipg+/DLWperngGzcZPl1DnrPWoeP3Tj9Cemzcn/99uNqpbl5fI6wKRiHKlYqaqLbfruSUICnk88JmIgh8NkStdQv4PTEFR7tqYx35pbofK+5hGiNKJZry2oqf0P5MTfGUesVC7KQZS8j2lPMxcmC/RGEqEwNEgIIJyNEOpjgQE2LgJB3bBQRVn1xrBeZGonSj4spAwawkhPwcmJHJnTPGfINwV8w4Ok7FdECs0RNFPg7Bqoo/mypQNOtfZlluETbUvQ+ofpLwghA8TQr1UHhmwwpGXseiTsf1nXcXnxkkx4ek/P3cQ0vs3biKTfi/8bQmz18JNVHFCYB4CIijz8NPb20OA6Bg2cFd/kw+EzXtoE/KeYHKITpNshmyKbI5bEEJUn1hMHPjZxHYR9nyD0EjMICSRq+17V//GbtBt5WRTDTloSLTWFe6N6epvC4Hw8iCJkLJdy5j+Z3Lyw03E1i+s0GDCp3GyJioJISEd82Guj9QKTVWRQmAaAiIo03DTW9tFwDdwbyFRLrXp7LHt58gXokfipr/vnvtG32a2wscjJ/DCNNWXRKymP2M26LbyMJfh7+GbKc8MOS2T2IysuFGWcDCt6W9+prb/mZyQTO5RUyqsfIe5SV4XF0w+U/LLVFanx4TAbhEQQdkt3qptfQSeUrLEek3kHskOr12tIIEbTqxRMPfcd/1mV9VAFMwHilaBbKrkAYkCAYAIRP+ZJbQOtRt0Vyce1Gh6fjz8iKMrfkJouroEApPNU4TUkpBt11LTf9ZSTGqEVCO7yFHCvMah2+XJZvZduwZH9QmBtRAQQVkLWZW7LwTY9FB1u3x7ycBZ0x6cV3FijcJJnoigLQiOloSoYvrAsdMz18a2RedJ/k44LyHNhNROlZoNuq1s1hecd9Ei+FpDcjpO/SQc6xMipr45PUCf/2ZqJ2a8N9T/TE5w4sWZd23JhJpQ7rbMwmu3Q+ULgVUQEEFZBVYVuicE8BVh847CRXJ/WdkeHA3zRXvfVhJ6VRax6mMkZCOLKBExP9RRE+19YaCMhJAAAAzwSURBVPptrh/E0Abt1eF0Sr4SQrrJGYPJIWZpJWoGrUhN9BIh2FyQF8WTk60Kckvhff1nDSVp3J3Ce/gtkUNnahh5bf/AOBM9csss5URc2w49JwRWQUAEZRVYVeieELh6i9ljzKmbkFZCW6cSnDW7Tbp9j3gh38lfdFRGVApmoJgUjZDroXTufW3PG/SYfqLlwXmX6wa62txWHrlr3NGZ33ECHbqEcUy7xjzbRVDayImXyx0/aIDIYLyWtPlMLZWvZ602q1whUI2ACEo1VHrwABDIDrI0mU2Nza1GyMlxlfQgWV+3kF+CrLA/1mgl3tM4Qp5/oDMPLzcvx8dqkqJ1FTuHoHiZRBuBL3cYYYbquyiRdSmbrzBRRdNdzXgu9UwbQSGLL34y318qIVIqEir+POQIPLd9XHqYb61GA5idi+fWo/eFwF4QEEHZC+yqdCUE2MBjenf8L2JekKFqX9HcjEtysygXrDRJDJU953e+03eX+3V+JjmctpWLtgRzUBRIC5lMp0jtbca0E0LIxol5hiRomJwwRaDZcSE8Fn+arogTxixrHvA9GUqoNqVvNe/k/hMiTa4dyAntvHNJOU9ekrymks04R1bV1Fn7DHOc3Dou+4p0qm2vnhMC1QiIoFRDpQcPAAGSYUXfjA+Hu3hqmp9zdfAOvgSvqXl5xWe4gfnlpfxLmBmXxQ0Jz5AIzQXnYTb4rrwjfeXV+qB0lYHGh8vxbpYeYLxIYtYmtDOSGkgBSer2IV0aJDClT1wzgNDHTAK5HPLyK2rhmOMRF25IJtmgRAgcPAIiKAc/hOpAQIAwz+isyEmdS+Fq5enN5k/UTxT8Wl5cW8BKz3nI7XvNjJt9a+RuLanliZ4hO+tYmUtQvD6ieWhXFKJ86F8WQpFJsOdC1l00BVOy747tb36+jaDgY3LTFFWEE++LWqKPMBFeocUcM7ddvM8cxzHW5dEt475EPSpDCOwcARGUnUOuCldE4FfTLbdE9ERn0aGq23w3xoQpD5U/5XfMHfQjbkJTyuEdcrzkC/tqylqKoOCjgWbnAqFSNABcnEj4cZRXp9uk+Q3Cso9be3P/0YrQFhx5sxDSjcYtE2PMPH55ZQ3mtc/ksPrHh1wstWXoOSGwSQREUDY5LGrURARymDB307Bh1MptzQySE4XcKA+oLWCF58hiSxTMEsKGSih2JgNDZS9FUKiHxHk/mSpsyzWT87nwSltyuqG2L/H72P6j5SIiLJqoaMeSFx16v/DNiST8SU0U1+2X6LTKEAL7RkAEZd8joPqXRIDTo19tT7ljIz8u1Fwy+LbUoH2nuufkjdYDzQP+J2MEh0l8EqKQ6RScxsjYDbqv7LYbijH9kBY+t5ML96LsywF0Sv8hYZCxKDjUEiVWm5enZoyY41FbQ04WnHYlQuDgERBBOfghVAcCAnkjIWHVWNPIW5uoiwuHMimDC/fWzGfRNYhnKanriYwhVTwRPGOESBr8VuJ3jrNtDqUeKnPKBt1VJk7HmG+iEBFz6/Q3tAJkRo1tXyJt/1Bf236f0n+0J6TlJ4opCnc9EWW1VDI1LoTkgkwXLiYkMZ9ECBw8AiIoBz+E6kBAwHOF+J/ItUHI6xi5T0kqFt9Z0g+FjYuoj+c3m+8DBxpGTgvMVgjZWQk1HittodP4gLxrREFTNuiu4mNEkj/TderPifMIqSUSifuGlpBLlZwskD80ZV0ytf9oNkiSl/2gcFS+/kIOv+T4OVNoOJqboXm1BHYqQwisjoAIyuoQq4IdIkCESL49FidTNrZaOUfZvOOplJMwF9UtIW5GelyKOGorm3qvVUwCpOyfIm2YcMlcNj/0lT11g24rs+1Cxq4LHdsyA3NxIxc4LiGYuzAjDeUqmdN/sskS2UOETxT8mvBvmiNnbC6yJEFcFK4SIJpNIgQOHgERlIMfQnUgIHBzM3tGQmRK5Ac30XLfTZQbN1Elz1kAbd+ghy6UI2sqDpCE1s65SyeW480nGy0amdqQ3TkbdIaMMNh8kV5fKDeZZwnndfmImZHdF/PPXPHw7Vu0zJtY9tz+t/kCkSkXfxzuJ5oqaGjyJZA3aUxIz55aoN4TAltCQARlS6OhtsxFgMRkOYnZxc3sTSML5rtADR/v5WFDxH+C/BxzxM1QQ74COI3yDBsZd64QkTRV2hLQXa2knq8pc+4G7XVwkSDkCC2VCxsskVZdWq42Mwljc8OJSedif938NbSpz+0/8wnSQJujMJfwR5l6QzPXF7wulUn23uzoXTPGekYIbA4BEZTNDYkaNAMBzDnkqIjp7THNYCoZK2ymqOYhJS5c1keoK7knpoqbbcg6eq+eQoj0IAMpSeLQMMwRN2XEMp6YIp76yp+7QXvZbbdFE3VFW/qEjRgcuP/G5WnFsXaM+S7WQU4WCMJZiz8IPkFdskT/aTvXD5DzJQq3EUMWp/QDPxYch10w9+BzNSVb8Jz5pXeFwCoIiKCsAqsK3SMCOKBy269LV6bSmiaSQhyTUYzEIAqDe2SyKWmoPIgOpOQa5cG+O3W4/+ft5Tky4+KvMkfQWECqInEjdTw5UWouUpy7QZ+rCYXFpJWz9D6z0W5hXqkxNaEdYzOOGzwaEHxsxlxFgMnsRmUsMHMh+Pm8sAfguf33oi/XZAKmzfiOROlL+d837tkUOSVCa8680rtCYFUERFBWhVeF7wGBB6XL9HCC9BtnpzSHqBvui8GRk7Bfl1c2vhCc4on+eEfLJovvC6QEsoTfSbwXhzKItMgJy7xsfsOJkhuACXFeInsqGoLrJgAI7SXEd0jaLgskdXuXnLmEvuIrctWGQOC/k2/6JaEY5GuM5gDC+IiSLdiToGEC45I+TChop9oifM5XxgJNBYQIYhZl6DqDpQgKdUKYKS/LlEgxNE/c4O2y76SCQ/NIvwuBUQiIoIyCSw8fAAKcUrknxYXTdTTTTO0CWgCcVW9nZjieRkGlzp0opG2HxBAB1BXeTDZXyM1DmpuTX1AKIVcLfhCYMr6hmHbIfcLmTfvxKfB/z6rc1In64R85XfiHr0P0/aBq2ovZgbti+IdJCzMWkSeYxi5a/hGWPOZW6D6M0SDcb+b9RuCEFguyARmKgpkD0w0h5hAaxiKTI3+eXCQvLeNKvhgXwo+/JfSf/48pyAWND35NENN3lv/F2RX/mhp5SoP3KS3tJj8M401oMs98dKCwNzSaPHysXC7bcot1TXv0jBDYJAIiKJscFjVqJgJstjgLImwmkAsIxBKCieCKxVTDps/mTZ4LiAmhpCR0g4QQbYJZBedWNi42NDYUNp8cGgoZqL3ED18GiMWQ5BwiQ8/zO5FL3Ab9hJnp0tFq4AuEGQmNBv1m4yUKqnYTr2kvJBDzG4QKYof5B/IIuWNtA2fGAry4zwhnVAgFjtSvL2Sszbw0pf9jIq2YK69KCQFzf4durUYLRJ9cmPNorCRC4GgQEEE5mqFURwICmHRI/uUyJb27ABUCW0Ygm4qW8FXacn/VthOIgAjKCRz0E9BlVPqclMk6iuA4e6UT0G918eQg4FFe9JgQeBx+93Edw8lBXD3dOQIiKDuHXBXuCIGctI37Z4hykAiBQ0cA/xj8hVyY6yS0kwiBo0JABOWohlOdSQg8PYS2okXhHpiakFYBKQS2igDRSzhZkyMHIZIsO9xute1qlxAYhYAIyii49PCBIUDkBapwd5gl5fipB9YHNVcIRAS4i8hvtSbiikitoWgfISgEDhIBEZSDHDY1egQCX9tkYn2JmfG/RJcQmip1+AgA9ehmECBXChoT1m1utiavyxJ3Em2mg2qIEIgIiKBoPpwEBAg/JYwXTQqZU0kRHm34JwED9fGwEeCKBTLpnqmErF+vSdJGVmOJEDhaBERQjnZo1bGEAEm7yJrKwk5iNbK4oipHqyIRAltFAJ8TEtuRWZgcPOSSuU3Js7PVNqtdQmARBERQFoFRhRwIAsz3uzbZRx9WMpA+pqQeP5Dmq5knEAGuaiCPD4nv7tmk6X/sCcRAXT6hCIignNCBP+HdJvsrF7SRSv6mJxwLdX/bCDy3aPzIVLtkFt5t91qtEwLF2UpACIGTigCXyGnRP6mjfxj91hw9jHFSK1dAQBqUFUBVkUJACAgBISAEhMA8BERQ5uGnt4WAEBACQkAICIEVEBBBWQFUFSkEhIAQEAJCQAjMQ0AEZR5+elsICAEhIASEgBBYAQERlBVAVZFCQAgIASEgBITAPAREUObhp7eFgBAQAkJACAiBFRAQQVkBVBUpBISAEBACQkAIzENABGUefnpbCAgBISAEhIAQWAEBEZQVQFWRQkAICAEhIASEwDwERFDm4ae3hYAQEAJCQAgIgRUQEEFZAVQVKQSEgBAQAkJACMxDQARlHn56WwgIASEgBISAEFgBARGUFUBVkUJACAgBISAEhMA8BP4Pe2QLuNE2faUAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-2"><g><rect x="165" y="55" width="240" height="230" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" stroke-dasharray="12 12" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-3"><g><rect x="185" y="95" width="80" height="140" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-4"><g><rect x="195" y="105" width="80" height="140" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-5"><g><rect x="205" y="115" width="80" height="140" fill="#cccccc" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 78px; height: 1px; padding-top: 185px; margin-left: 206px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">CAPI Machine with Canonical Kubernetes Config</div></div></div></foreignObject><image x="206" y="156.5" width="78" height="61" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAATgAAAD0CAYAAAAPIjoRAAAAAXNSR0IArs4c6QAAIABJREFUeF7tnQXUPUlxxW9wdye4BFjcLbi7u7sHd3d3gru7LLqLu7sTAsHdXTM/toutbXpc3rz3VZ3zPwvfm+npud1zu7qs/00hgUAgEAjsKAL/tqPvFa8VCAQCgYCC4GISBAKBwM4iEAS3s0MbLxYIBAJBcDEHAoFAYGcRCILb2aGNFwsEAoEguJgDgUAgsLMIBMHt7NDGiwUCgUAQXMyBQCAQ2FkEguB2dmjjxQKBQCAILuZAILAMAg+XdLeaR71Y0nWW6cbeekoQ3N4a73jbzSFwXEnnkXR6SeeTdH7XlSC4mcZlToI7dBrI/5R0RkknlsQgH0HSoST9SdIfJP1S0g8l/UDS/1Yr2f9I+pKkT0v62UTvfTpJn83aemH1vOuNbP9Zkm7co42/SPq1pF9J+oakz0j6gKR9ExZNTT1Y0r16PItLjyjpNz3vscsZh5O13Ms1p5T094HPKN12Fkkf79DeYTtg1qGZjVxygYrg3jUzwZ1Z0jMlnVzSmyXdPM27jbzwph46B8H9RwXkHSVdM31g+bv9TdIvJB1G0uFaXvz/0gBBDGPkEZLumjXwW0nHGUEANAdxsxLzznzofJxHGdBRCO8Z1X33l0S/SnKqigwvmp7F/+bZR88uhMS/XGH/lfTfl0v664D+cMslJZ1JEs+y5x2y0BbXvXXgM0q3vaxa4K5e+IHFwN6Ld+TdmEvbKHMTHOP0dUkncOA8rVIkbrmNYI3p85QEd/iKtLAzAOLBXac+lTSU/dIERSuziclAoCXwsaK2XzGRjn8n2v3diJfkHSFKP9jW3A0rzfJ5I9rOb32ypFu7P6KtsZIih5B0JEnHTu97+USIvo1vSbpE0mDbunXvCucHZReB59jFoO65n5e0T+HHN1Ua12XaOtvxd7R8tEI/f+zWKedqx+7MdtncBMeCyyLghV3RaWZ7o5U2PNWkYWKiBp/avScTFaPqa3q8O/25dLXluZ+ks6b70IjYxg4VNKx3py3x99JW2dpim3ChoQ0X7ssJjn43aXRoZM9PW3drjj6eQ9J3Wvq1FoJjsWIbxJZ7rDxJ0m1qGplqro7t4xT3z01w7Iww+WCiMOE7vPIUnd+mNqaYNP8u6UOS+K/Jh9MWh63oEMFGx1YNreeY1aT/yZBG0j1s/W5abbdeL+mTkh7g2sJ2BDmjOU0hfQmOZ54h4YdNyeSlkq7V0qFNERzbaTRRL4+uxusuIwE8WmXP/HYyW7AwHDlrb4q5OrKLk90+N8HR0Sul3Qkk94WkZX9zsjfYkobGThq2RJCZbcN4bcA8VzKmj4GBdlCpjy8JrWaIQJSsZEetVPZrJOM1mqUXiOIhQxov3DOE4GjmKZJulbXH1h2nS51siuCwkV1E0jFcxzA7sMD9fgSO95H0wGSOeE5Bkxs7V0d0bfJblyA4Oo2jD5MIC8eUjqDJAZmrwbGTxial7x+2tPdN0GGMyFdLGhY2tCFyhUpDem3SBo+VPh60zXO6xr6aDPdD2s/vGUpw5y1gdtuKRGhvbQTHlppFI4/pwpsMMQ0RHE6MMWME2aOxY6bwMnauDunXXPcsRXBz9X9r2h0zaVjB0TD8Pv9VlQZ31Yne3jSUUyTD85Bm6Q92h5dIunZqACdAThznTtvEIc/w9wwlOD5wHCl+PF5Q2bWuv1KCw9uLl+5grn9s//EiD5FbVJrGU5PHF2804TtBcEOQjHsmWxVZwfGaerls5Rx440QY40ljC/zHgeo1Nhw0DcjD9wtiZsvrQx6mcqEPJTggw7blFwtCLwjBqJNNbVHR4G5QmSXekHD1/RuyUECSePxYyF6ZtHYIdC8R3BQxmRN9drvVzBgN7nOSTuvgwA5DXNmfVwLRjarQkGdL+nmyQ/h+EVjrQxu4hiBkyHSMjCE4gp3Zopm8N4t2z/u1aYK7eCH+bUhEPho2mjaC9/ij1f8YS3A4bPDo40DC/so/7LE4L9A8ecaYIHIWTfpK+yyY2LpYoPhHu19Lu5u6byHfohKqRMiSF2zPLBgnTJo9Xmq8/mP6PWZucy/vijmF9+ad8fQTofDdgQ3DF2R38F+iDcAP5QMz0lC7+0G6MpTgiCnLPY9TxkMNxOsgt70jhYCQbYAX1QsOBzyVXtha24c29PljCI6sDiaNCbZDPGF1smmCY+4QeIvmZUJ2CnPjRz0AxEkFWXhCH0pwkMTdU9iK3z7n3aGfr6gcYXfq2dezVXGG4H6xtDNoek3iESFTgqVz50tOcLaDOF7anmNO8cqDPQczBhktD6t5MPmsaIMlwabNvM/lRc58439DQydWk2By+oPZAGdizhkEkj+9Ct6/fQ/lhsURh9LZGwBkXhDxMCqIfCjBYfwHMC9sV+/RY2LPeSkTBc8Rk/zCVRDxO7OHscKjMfktIVtrtrJjZCjBMYnyUBiM7XUxYfRx0wRHH5jUj8sA6+OVJo0PYkO8GWEowfmE9p+m0CC2v2gYaAgXlHQV11886nj828KQMGc8sTJ5YCs0gcQhAdqAeBhDtEbiKr2HuZQulxMcJMMCx9af0Kg2IWXvoYWLWCAJO4JU8XT7d60jODREvhHGwmuR4Ebs3O1SemVbn7psszE7YWv1Cgfa2v6SGC888fT5JO5hvGffFMV/3j6U4IigZyJ7YfVgi7IGYWUmNuv7CbRSSg/bAm/EZ8VlW9BH+8jfdSjBEdyc2y5ZRLBJ1ckaCA7SgDx8yh3bFrYwXVLEzFRAlD1ZEhbKMJbgCBhmDpS2iHeo4vge60BlzPBY1wkfJbsTtA4TSP2eNbmwEBTZPBAi0oXgMI0QFoXZ54uJcPngsSOTnA+xktFjwvVoyj9u6Hfuma8jON+EDyXhf7PVJv2PfvEtsT1mXNEu6RPfixczMdR1y+duMzZ8f/lOCpKG8D05D/bQDyU4DM15ojorBtvCNQgePVaxJyQto9Qn+svK4YXJ//gRLzCU4Nguee8zWxomD7bBOlkDwdE3C6T2/cSu1pbBgrbDR80cvEmyl1obYwmOD5C2S4I2hsZmwcosaNiA6uLEiJGEzEwgrv9qmSM8AzKgsEQXgmuzXaLRUHzCB1iTPA/2dTKW4Fi4fPB+/hy0VNIw/TUQP3noJcHmzYJmQmA4SkhJeE9sjgR/I4wXhI6W20uGEhz7Yr+i8dA29u7VsREX8+GwCiLEu32kpi22r2xj2c6aMIkgxqEyhOBIJWNh8PmXFAfAltQkayE4tkTg5gWTANueJsEBhCMITzcan3fwDCW461ZGb7Z/bRVezO5n/SMYtqS557mxmDUIwK4riODfF63vUhMRHO3mmLR5/ucmOPp0s2R/s/fG4YAZoCQ4drBhIizcLCrYQuuESigsfCaDdohDCQ67CXt2L2QdsNXYtNiKywpw0pbOPKaw4rAlQCUfIn0JjlxUYvS8zQbNA+8ZHqUmWQvB0cf3J2+Y7y9bTlto8vfAY03aEJ5NtKPcaD6U4LqO2dszAiY5nYDvXNBIsDOa9LEz21Z4Cg2O52OjxOZn8upsG5f3fQmC88oEz2fulpwjzAWKNZiwYylVjPHvwCLFltYEbRWttZcMJThqmPERehkTkNur0w0X8z4EH7PydjFOoq2xnfUC6d15YIeaCA6NEdWbrSfaLrmmuZaDYZetcxe3+5oIjtJYELWXJieJOQOoVYeRO9+KL01wfKh59Q3ehewK+mdCSMMHO84N7Ge0i+aS24CHZDLkc7UtamEJgsMu6OsN4jWm8EIuOMuwi5rct1AJJ7+Hb4OFyARnRM45rUMxlOAsBMM/ABcye/JNChMQbQKhyKVfNer6lZcBYsuEXaGLkTxvMye4rlhgc8O7BGl1zedcE8FhcyJsiG2HCaWiIHP+6wWNhmtxUNTZSNdAcMwBTBh534cWEPXtDCE4Sor572sNBEc8oJ+vdQT33OQhNgwgPBbAJkEJwJRgwgLkqxV1+raGEhzePe/l4GHsvdmDb1L+O3mw2P6w/esieNBwhXvBdvKWLjdn1/QhOLS0j6UQFrxGTQ6FUlfWRHD0j7gmcpO9lCayebhZQLBnlfKMxxIcKWPYX2mfajSEBfnwCzQB/m5S0uDyQGYWPrbWU8heI7j3pHqPhh3ml7aFnPHyBV3xzpdqOjaOx1CCK9muIDzsApsStAhc2XmV2yH96eJSL7XbVPCS6/mo0WiIqB+b8bE2gkNbY2HxRJIXWWSMMCGgHTWVhBpKcMxBTBM++LjL+JcILg8GJ6iZysZTyF4jOJxQOKPGSJtXt9j2UIIjIBG10wuxceytNyW5G3pMP3BHs93qW2izr5NhTB/XRnC8ixU38O/lA63xclJEAEHLyu2fdt8QgiPq3c8/7MSEdGADw/vpNYbcyVAiOAzaeCpN2B76smBjxm6vEVx+vgc2W8puzS5DCY6KD6xoXtpsAnO/DBoBqy42NexvfYSYnEdmN+ACx1XdR/Y6wWGmyLNGfMoZ5yrgpW4LI+lLcGQjeOM/QdOkGdWd2dCF4AhC9eXsB9mAaibPXiM4q+1ocICtLXR9vq/e1w4lOB7EgONeNyGwERtFU2xL7w52vIGASlZpIurr0liamsJTxvbK44GzIg+FaevOXic48MknM9tyAlUJFTC7ZttBNX0JLs9KadIO6WMXgoMgX+cGnOTvPHK/bT7U/b7XCC6vwUigtGV6DMWw031jCI5A1Dx+aUo7HGEVAMNZD77MeOnFyKoguwJpq4RbB0wp9AWXN56hrhIEd8ChO3m9PexiGP3J0+yiYfclOLydFlGPjZMQjaYKtl0IjqBUtrcmaIOE+XQJ8m2bL3uN4PLqPY8qnHLXhtmg38cQHGkUfPz+UJW3pVOhBnUmu8m2wV0C/HguFR6YkLiXhwje1HxVwTOY1yVrajsI7oDUJAzCvpABpGP/H/utLUZ1WPYhOBZCsiDMuUH+JHOnSboQHEHIePt8hRdiy1gIx8peIzgUIZ+ZMyVPNI7FGIKjYcIriGXygmrvI66HTgarWNJWVYM0Gz4oUp3G5JL6dqzPZEOgEXatZx8EdwBydeEyjBPb1TYPch+Cy4NNu5Sg70JwvEeeoUGeMnNsrOw1giPPmuwFExw+1D6cIqZwVoKDILGr+LxU4lXwNjVVOugyQSzlqm1SsZ/nGrYQxMmMKZRXCmAmV9RK+rT1OwjuAIRI2yslu3P4NtuTNulDcLRFJRjL5eWjYSs5dotKu5QP8udMEKvIuxETN0b2GsExHmDmT45jjNtMT2Mw/se9YzU42qDzVBr1LnRyEAkPGDMRbNvZtl+3JN6mRN+uQOXJw9xHUrhP+m1qKwjuQHTwlPrEa7Z7OHO6hN70JTji7XyMWtvBR101OCL12fL6ihksguxSxtji9hrBMSvwmhImZAJ+4PDxrh/nkOumIDiei1GXGCjyKE1IxyFqvW+VXIgSUrMDmZtySgnotCTptvIxXfDBrggp+/Ma+DCJiWuLvKb9ILgDUfalyPlrnxzfvgSXH7tIOApzMS9kiX0WJwjmD29bq8tFpd+QJWTtq71QjAFttK3aLHY8yqXj4feyFwkODzRavT/vFtssdeXYvqKF1wnfJdpzV1PRP9uZiuBoEGMvtaAwyhO2YUI+GS9AnByrYd5JKmlAanjZmHiEE3hBjWXCl8SCO7HpEKJCkcCxgtc2P+yFks15MnnpOUFwB6KC0Z/QGyY240NlF8wXXaQvwTFniJb3WRRoiuwsWKD4QIikx4QB6UFQXrtsIjj6y/ijyXtS5O/YFLHTsZjzHDQ+PmAcb2iUxPwRS5lXZt6LBAdeBOPDBX6ryt8xK2EGwhvOuGFXRalA4ycUDQ2aexarB9c0STEeYojFfoHh3gsxUUwwTryHBJkIvlKpv5aXgRzxwOyXfiANi7NOmThMWFz5xL7B/kSaE3xs/wgwbVoV7Fms6vwDSP5RtcEK7dk19Jeoe7ZC/OPDYRsOqVL2hcBi/lEqJh88ci1xVpCixH/pX1Ol3jps+WDQSvgY+UfyNdqBF1ZI6yP/ZTINKRpAm5A8WNjzwBsCYWuBhmQ4g7uNT953Oze3rZw1uaEscDYGPMt752mX8BJ7N2IwSafzgbxoZlSsaFq02ZpihsB84oO40Q4YUxY3iKwkzDUqAeNJ7SqEOdEvS5Ln/TiHgA+dxdyEhZ/+MMc+kb4PfuNdsPmhADD2vsgs84r3pd4h2zy+lxMlYmXMiOH0Z3ow/8h5Bjv+gSX3MNcJlAZ/X6WbMuwUpKRP/POFB1isiDXkXXzlHUie3RffLaajUskvcCRDpGtWCNovbYL9RjW4fNBR6QGOrSYfCjFlFJeE2PhQCAgGYNRUtoWwOARgpZtZkfNTri7RIwmejx9iapNS8c62e6wKhh0s3Xa9/50VKv94u9zPYSN9a9OXapF1eRbX5Ok1dfc15WiywKHdMKkpfV0nQ8agtKJDPuwiIEw+XOYWWhb2WRYVO5A8z3ywfvEx+Yoopf5yL8UYIBDKcvEc+sKzcKwxfyEcIgl8NZu88kYdFnYsI7/TPt9Em6BMEOzsnS1t99jB4nWHzvj7IVP6YpIfkFR6VlvRVophsIgyZmj5plSw2DD3KESBHR6b59BFehInQxuQ8XsgEAgEAhtBYEob3EZeIB4aCAQCgUAdAkFwMTcCgUBgZxEIgtvZoY0XCwQCgSC4mAOBQCCwswgEwe3s0MaLBQKBQBBczIFAIBDYWQSC4HZ2aOPFAoFAIAgu5kAgEAjsLAJBcDs7tPFigUAgEAQXcyAQCAR2FoEguJ0d2nixQCAQCIKLORAIBAI7i0AQ3M4ObbxYIBAIBMHFHAgEAoGdRSAIbmeHNl4sEAgEguBiDgQCgcDOIhAEt7NDGy8WCAQCQXAxBwKBQGBnEQiC29mhjRcLBAKBILiYA4FAILCzCATB7ezQxosFAoFAEFzzHGg6ppDj6DiQNiQQCATGIfBwSXdraIIDu7seGn6QZoLgmgeGM1w5/5KDpvl3LXd5ENy4SR13BwKGAOcEc3A6B2NzwPn1JR3DwbPnCQ7ieVg6gPcp1YngD5hp7viTtddOcIeWdL5E0GdMB/ceNx28fSh38DYHUXPgMYdvc/o5h+5y6jkHb/9sJhyj2XEILDXfx/Vy+N0frg54P0cQ3AEI7CPpM5IO7gC5hqSXD8e39s5tIDhWQU53v6YkTrbP5W+SfiGJk9YP14IRJ5qfPJ2YPgOc0eQABJac7wO6N8ktQXAOxptLeloG61Ml3WoSqA/ayJoJ7vAVaWHLuGVG9p+StK+k/SrS+0rSyiA55JCSTiYJDQ9t74oVlsfJcKPd382AZTQ5DIEl5/uwHo6/KwjOYYiN7L0ZpreT9KTxOP9LC2sluBNLenOltZ7a9ZitJobb1/TAAZvspSXdT9JZ033YR9jGhqwDgSXn+6beOAguQ/6hku5e2d74QF9b2ZCuLunPHUbn9pIeJ+mCkt7d4fo1Ehye3A9lHl0myCXTVrTDa/3LJdjofivpEJKOKeknQxqJe2ZDYOh8n61DEzccBFcAFE0DwzoG867yxaT1bCvBscVkMpzZvfAXJJ1L0q+7glBzHe2cRtLxJX1vZFtx+/QIDJnv0/dinhaD4CbAFZvTe1I720pw95H0wAwL3ut9E+CDk+ZqyfuKsyEkEFgKgSC4CZB+sYtr20aCI06IsA7vKX2VpKtOgA1N3LtyVjxI0ilS6MhEzUYzgUArAkFwrRA1X3B0ScSxsaVFhhDctyWdcGQ/xtyOAwGvqZfLVs6BN45p1N1L2A1b4D9WTgdve5yo+WgmEKhFIAhu5OS4hyQMtSZDCO6bkk6S9eNIks4r6aQpoJbgWbbB3xjZ39Ltn5N0WvcDQbmEeHRxrkzdncMmWybe3KOmfzgq8L5+XdJHJwwahngJa+HfsST9JsVBfnBEvB64nTO1x+IHqeNY+VrlVf7YiHZLOM/R/yHjebDKIXeGZGflndkJgOWv0rixO+D9cTa1ydTjvxGC4+WJiWqTRySPZtt1db8ThHrkhpvvUpHHoyuv4bMk3bjmOmLB8ti4Y1dbreukf3wcbYIX8q3ZRV6T+XL6qMGEbSHpJZAbnkcv3PMSScQvdZksbf3id1JXvpVd+CZJl+ly84TX3DCNNcHAfDB18qfqQ3pF5fi4UxWf+KPCRdzPx1QSHCjE8mFbvIGkK9XMD8Ji+P0DHd8PomE+0CfShOqEeU+oDdt1nlGSJfrfd77XvQ9edxZ4guGP1oIVc5ccUILGS7hONf55NzZCcGgr565SeK4g6SquR2gMxJx9vvrQ8bzx3zGBoaQT4b0jputyFbAXrT6iP1Sry52r///JlEL0e0l4kZj8Z0phIWdzfSoRXFtCbw5yG8GRPfHK9IGgtbQJgbYk70+x3cP4n2dq8H5M3CXFY/rTaixeX304ED/bf8YHzdjPFQgCD28edsKicP6UVsa7+Xi+R6a/c1+bME+I32MeNgkaG8HPFuvHmPABEyr0Yze3Lp4yPmjrL5UWSnwlQeS5LNH/vvO99P43qXI8n+xMM3xHxE8yl3+etDgCvxkLSNukzvQx1fivguCsE6iybL18mg+J6GyZ2uS5aYI/p7qfidsmz68M6ddLqz+xbXViBnH7vURw/t4XVRrDtd0fhmxR+SjQOj6bSP37aRtGLN4pq4/8ppJOlHX48hUpv6HtpTv8jjbBO3tBG8FxsqTYBGeBQxMqbY/vIOmxrlN8YLdt6OT9U6CxXcI2F4z599WEMX9D++DDu3LW1luqLfGlGtpnO8a208wLaJSQqnnU/a3YWNG+z+P+aDuIukfM3X+e23e+l+55e9p11IUAsRt5W/rO2whuyvGnrxvR4JoIArJqKnfCvcdL2yq2BhjosddYylBpslhMG9tVNDlW3DURXFuyPQvAO7Ok4ZdmFUmGkpERv7//IpWm846hDQ68zwgOW2Cd1oSjAo0N+yQCoaBB1WmyOUGwULA9qxMCvCm0YMKcgsQwdZQErdu0SvpAZkDTtpZ+Q4gsWgiaHDsZ/laSufvPM/sSHJooxG/Vg7CJoqWh8TYJBHextJCUnFdzjD/92TjB8THt75Bhn85q17T9yiciW09WkTpB23ld+jggxybjed8Bn0KDayM43usC1UR6l3tBs9u1zKvWn7ENMmm9UH2BibukXDe9Y50t1PqST1jsoSVbHNf3JQgIFE3aa8vgXtLIwIi+mLBosni2CVoiITgmmBty/O23Oftvz+gz37GNkoPst5yYcz7e9tKVzRhtFeWlToObY/zp1sYJDtDwImLsNmnb5vFxU+nChO0U26o6YWuAcZPyR7dpGYw+A05TSxEc23m8UibYqXydqw5zrHgJubdoHl6wW1LmaI3CQnZh1zHmAdvNkvQlCNqwoGRrD6ePJyT7+/PStsz+P46hF3QADBub2ea4nIWcdyg5Rubsv3W1z3w3RcHuhTy62DO5Hvs2du+x4Ud9xp/nbpzg6MRDqppi93ST49mVxwUjZklQ6fNtAAZOtiqeAOxe3M6s8BScZDD8qltqv8+Ac/9SBMezsBfZ9gwvKu80VsASTL2sOSA3n+A4EVjwpiK4RyUnlLWHZsEY58KcIrfWhHCeriE8eFKptmKCHRF7Yi5DCK5r/+1ZfeZ7bs64VxYi1TQX2dKi9TJWdVv+LnO5z/jT3ioIDpsEqq8JHzJbD2KIcnlmIr+/ZqV86uwr2EiwleB148Ntkz4DTltLEpwPe5mK4LC1XSgDxcIp2rDaxO99JvgQgsg95CWCg8yIyTPB5MFCypzsIsRNei/1C5MDbAqC69J//5w+851vCM+oyVhtrAtW+TV9xp97V0FwdITgSq/ulrYGGNvxMKK5MDA+wBZNBG9NLmYIpjIvE75N+gz4LhCcN5QbNm0mgjYMx/x+lhQoy4eEhgRx+HhAtE2vOU2twXUhCMJ+CIkwIY4w93I3YcBi/Ax3AfZOX3XWfpqLoIcQHI663JFASXCvmIwZd7t3yvFfFcHdTNLTHULEQREn54XVFDsHTgnsAZCdD+TNt1YEzmLv4CPpuu3aawT3mFS11+OM1vvqKWZrjzZ4JgtWFy3bN7sJgqPMtw+jwV6J3bKrYA/GLmwCSUAWuayJ4DAB8b15Ic6UMK8pZI7xXxXBQVSARflrhIh1APS1/AmVQLtgghEmQYYBUf0m2PJ8TBcR1lzXxxi61wiOiH1iCr0QG3ffKWZtxzbQrv3z0MafmDy5lKzCxmrSZ4syF0HklXDJjvBlptpeOzfWM++Z62smOBwhua2Tb7Zk9257//z3ucZ/VQRHZyAjSMnkFk6rI9aNnDYAZTVBXT57VYzxI+56tgpcZyEmFKxEC8Rzige1i+w1gsvtn2C0ZKoWZgnMEybESEEAdXGNayC4fFEgMJ0A9a6C+YV0M5NSLjK/zUXQvp9d5ztbcPrphe+wT83EEj5zjv/qCC4/O/T9LoTBBhutjewCkzxR3IJU8Tbi6SIMhdi3rpVkuw64PX/bnQy8Rx52g9aMRoEWPbfk4RbYYAgnqJM1EByLJounCQ4HHxvWhhkhJby3CaeOEUaRy5oIDm0t936yONbl/bZhYL/POf6rIzgyE9DCICQETQyPFUUS0d7QzqjU4LU2Tn3CjmQC4WCrM3sdGgHenq6yFwkuD5wGqyntcCwylELHMJ8fw0gmih16TeVgPqSmIO81EFwe5MuH3yWH2OagBb3a/yfYGsfFmgmOMA/GxxfJKOVYd/3O7Lo5x391BEeHqCByV4cShIMNjYldMubiUSMTgCh0hOR8VGe2uxx60vfYv71IcORiooWQhG1Cag0a9RRi22A8h95mCvERCmReUrQBS2Oqe+4aCA47MaYSm3P0FYLrGt8FDnhSTXLbsf19TRocfaKAAGlZJnwr9H2ozD3+qyQ4vGKcb2ACqbFlIaEd4iOQMZc8cJIVEuCx00F23kjdNhh7keDAhOoWT8jAmSqh3yqW5JkkaAOUEDIhI8FnqJTGag0EV/pw+oTWkOyAh3GZAAAgAElEQVTvyypRmgq7Zy5rI7gHV2mOBPea1G2t274x+33u8V8lwdEp4oJ8ySILoGQrU3JLM0F8Aj3ExiqLd/BGXdFO140luK6J6kNO1Zoj0NfgYQtCErXPiyQvGO8goTZjxDJVHl9lY1ARxAsJ53bQNmSH7XTtW1T6jwPMlzsiSd9n49ThlRvrCb3gb6X86LURHLGJLEK+Xh/zhXzaoTLn+K+W4DhoOfd6NtnSrKpI7monZ5HQkj7Sl+BIK/Mkyv/Owy5Kz18bwdFHyIWEfh/ygDYNjmPinaySBNq3Nz/wTDR0HwPWdtDNWjQ4coOJ7KcSMIJDi7JJbfULIUXI0aQp3WltBEef88BwzENsW31mR5/vbc7xXy3BYc9gZbNzDugoVRiaDh7OI9ABnqokTWWUSgPRl+DySYi9kI+0rdz3GgkOPDDyk1yOJmqC44cabaWk86bJDFFCapYKRiCv3+JwLwsZC5oJBRN5du71xrB/61Rvzc+LTQT6Wl9zbyq5moSQ1AmOG5L5TQP6RMreqZsrayQ4bN6MkVcm8LqTesb7l9IrDQ92CRwdyc7AZM7xXy3B5SsFkx1gmsIW8niukrbQZWXpS3C5R41nYGNB44RcmRD0DXuWP190rQRH//kA8U5zKr1P6Ie8id/CXoRDIN9KUt0EUsPTjd1tnwzwUroc12DL8elY5CKjSWLIxwFCvX+qzTAPCAvC3mWySYKjD1SHpgyQ1Ucjt5f3JFjZFlc0VEgcgjZyQzOmmGbTMYprJDjemZAWiq2a99vGgvHivcnMoKov78qCyT8iIJgbkJs//2PO8V81wXm7GsZvTo5vE+LmrGIqHwVE0yZsbyEgPhQmIlUerPw093IuKB80sWKo02xLcq0wD1DOn0lpI+wsbAEJTsa+6DUZtjWcDYEzhX+4zk34sOkPk4PtHQewINgu0IgImYF4fMZH2zt3/Z3tFzYz6uVT/MALdlEIB7sgJIgHtu6cDWyi9BE7Vclew4dPJVcjiVL/2JqSzsd2mYILJnxIkCEhKJgL+Kgw4EOy9NvneEI+aKFkHkCqpm3Qbz5aMCZGzW/RsUtC6uBcV0IKTY5QJUKaTFiMGXc+bl+xGm0NTQdihMhzmbv/U8x3+ozzjjlLlILZUNvmFTsBHIA+yJl7phx/5iHjb98zVbwpWmpCihzfGN8zhVXz4OXad2ianG0vXvqdFZ0PHSCZfEzINmFCU8K8T2Q5Cfp9DjcGPM6K8EK4AORD7B12GCYxW2SAxP5EXifaW17ZoPQ+rOisdiYMQFsid9vWqA23tt+ZwEScs9VkLAhqJVYRYmOc+JghMd4RWx2lqykdxARiLDyZ1D2LcUBrJJkerY22wJDQBOw+NkZ55Lu1R0Q9c6Xp0Bb/bOaKBduW4gBL/SSnua5yLXOAxRGjO6TK4sDHxuIF0UGOvAsE2/RRzd1/Fsux891jA6lzeA9mGUgFMmEh571ZfNDmWFBYKHhuXcWVqca/z3kp+bfW+B1MTXBtH138HggEAoHAYggEwS0GdTwoEAgElkYgCG5pxON5gUAgsBgCQXCLQR0PCgQCgaURCIJbGvF4XiAQCCyGQBDcYlDHgwKBQGBpBILglkY8nhcIBAKLIRAEtxjU8aBAIBBYGoEguKURj+cFAoHAYggEwS0GdTwoEAgElkYgCG5pxON5gUAgsBgCQXCLQR0PCgQCgaURCIJbGvF4XiAQCCyGQBDcYlDHgwKBQGBpBILglkY8nhcIBAKLIRAEtxjU8aBAIBBYGoEguKURj+cFAoHAYggEwS0GdTwoEAgElkYgCG5pxON5gUAgsBgCQXCLQR0PCgQCgaURCIJbGvF4XiAQCCyGQBDcYlDHgwKBQGBpBILglkY8nhcIBAKLIRAEtxjU8aBAIBBYGoEguKURj+cFAoHAYggEwS0G9agH3aA60f3ENS28pjql/LOjWo+bA4EdRSAIbjsG9omSriPpqIXuXlfSi7bjNaKXgcCyCATBLYv32KehxT1c0tVdQ0FwY1GN+3cWgV0guP+RdLIeI/Q2SZdouJ7t4HM7tHePRDYdLp30EgjubkFwk2Iaje0oArtAcJeUdCZJp0r/zijpkG68fifpU5K+LOkrkj4o6QMN43kCSVeRdFZJ53a2rz9J+mT12+fTvzdV20bIdWkJglsa8Xje1iKwCwSXgw8B7eP++HpJVxgwQti73i7pzJIgyctIeteAdqa+JQhuakSjvZ1FIAiuPLQ5uV1a0rtXMguC4FYyENGN9SMQBPevY+TJ7beSILf3rGgog+BWNBgdu3J7SY+r5tEFV7RQduz6dl8WBHfQ8Vs7udHbILjt++a+KOnUQXDLD1wQ3IGYQ277SzqLJDS3S0l67/JD0vrEnOCuLeklrXfFBZtC4HxuBxAa3MKjEAR3AOBHSQ4FyO03idzet/BYdH1cTnDExL2i681x3eIIvFjStdJTg+AWhj8I7gByQ3MjLGTt5Fbaol5R0usWnjfxuG4IHF3SdyUdOgiuG2BTX7XXCS4nN2Lq3j81yBO3l2twBC0TvHywFB5DWMsxJR1c0k8k/W+K/fvjiH4cp1oEziOJ/4LZryR9T9KH0n9HNH2QWw8liS0dsYxvTLGLXdvmfbmPf8dKi9Vn0rv/pWsj7rpDSDq7pP9IeP5d0s9TDOQnJP25Q5sEgz/UXTdUg5sS/8NKOluaK5hleK9fpHH8uqSvSRozVzrAstwle5ngPLn9WhLk1hQA3DQq/y7p2zUXPF3SLQq/PVrSnWruYVtD7mlJcoK7iKTTVR/ffzUk5P++CoJ+WdXY/SV9q8f0unhFnA9MH3rdbR+W9ABJby1cAPm+peZG+kzMIkJw9R0lXd/l26KZ8jsfXEkgcgK4IUSyT65UeSqPXLiQYGx+7zq2R6vI617VeN64pj0ewXxhXCEvSM/LsdPYMX6QbZsw70rYcd9Y/P2zD1eR2f0k3bzhvbiexeCd6dltfV/973uV4PgQ2JaykjFZ+RDJcBgq4HjKtM29vKSruobqCI4JR0DyaavQgQtUmtb13D19CO4HSbPq0necJ9jsyMJoErShp1bbq5u6i9DWwOynkiB0sj1O4n7nY4cYvKAtkA1yjvTc07sfeefPJXLkObaNs0sgOLS480v6T0lXS55I+/2R6e/n6vDif0hj84WWazFTgA0aIAJ5Ua0FLyiYnDMFjaMtI2jHOKPIkDHJF6C27pUIbir87dlo9JAWcw1BY3u5JDQ2CO34aQ5ig0b4+8nbOr4Nv+9FgvPkxhhBRq+acLDIeNjXtVdHcP6RfDgQiEkfguM+vKhsxyA7/v01kRAawF3T/7a2+Q2trylw+VlJg+EetmJoVi/NMIKQqGIC0Zmg9TynBku0RzQIk6ckreu46Q8852cVsaIBIbltMb//l6lMFKWivpru5W9oYJetyPPKWT/QJCGjOiHV72OSjpAuAB/mBtt8L2iMtMUChXwpLZQsHrmAD15uk65b1KnxZ6EgnhMh3fBiaaHK+3uNNM5BcA0TZdM/NaVq5eRGXyEItIQuNpUu77Y0wbVVEzli+iCxoZmwTT1NCofJ3ynv/12qj57tdEmOVJHfNxKp8DtkwHYTjSmXnKDYNpNGh/0Q7ZmPCvJFS4SA2wgOrQ8iqJO7V1rhw9yPf5OE0R/tJRc0MuYBNjcE+yJxa9gaS4Km+mD3Qx1GQwhuavwxBfh6gcyDpt0K10LeocE1TK5N/lRHcJDbfjX2JOqtYcOaQtZGcLwTWy5sWRCSCXZBtMtcPpo0Ev7OFg0DN4UG6uSZkm7ifsT2hAaaS05wN6u2Rtybi2mzYwmOggu884ncA9gWl7JS0Oz8th2t91EN78yW7jvud+x8pyhcP4Tgpsb/ttUCxPxGcChgNmhyItwymSawcW697JUtKlssIzc+Vrx1uWDjeeUEI7pGguO1sFmhaZiwHTONxf6GTdAM//yN+Dpfe64ED9tSr0k9Ixmy2wiuSQPD+YLh3dvMcoJs0+B4PnYmxtWkzhyBicJvadFu2Xo2CU4lbJEmx6ve+/vZDX0Jbg78cRLdx/WLPhO6sidkLxActhRUbj5mth5oBny0eO284GzA6eANxkMmwVoJDkM/Hk8TjMtodGwVTW5TbeOe5P7/fSvj+oNaQLhwCpK2y9jq4VjIZQhB+TaG3I8WdmfXSN12nq0121cEUwVaDtvlJiEQ/LzuAuydLKJe+hLcHPjfoRrnx7pO8b/rvPdD5vuq79kLBGcDwMdNKAGrLDFObFXyDxHtBSKgPNJQWSvBHSbZ3MwDyPvhgfSkR6FPQipM+OBwBjRJTpzU3cN+lcsQgvJtDLm/S94uW9hvugdBdngd2wRHgy+cioEejXEMwc2BPza3PLYTDzkxejhldlr2CsE9L8WiedsDqjpxVMfIRviFWchG3wmwVoLjPXAu4AQwgfBf6/4/pI+X0AQju9fwSliwWJj2w+/Ypvwz7J4hBLUEweHZJITCBGfEjzsMOnGUPrQFO+SzRxLcHPjzjWPXIwTGC15fPOPYS8m55r13TvYCwb0jeeVKg8e2gpU4x6HOAN9lAqyZ4LBpYV8yuWEVHAz5m3y6IrwzdHnJhmuw73jb1NoJjmKonuSHvn7JJth3izoX/jhAIPHSuPC+mG4gO5w+Y000Q/Gb5b69QHBtFX2xMd07QxdND9WelJy+smaCQ2P10fVEteMUMMnPt7hmyoDoi0Hp+rVqcHh90dpN+MCJiZtC+hLcnPjjBMH+hqPFmyn8e+JlJePldoX4vynwWLyNILgDBpvYqwtl6BPfRWR3norTNkhrJjgCYn04Q243yjU8vM8vaHvhjr+vleD44H01Fsb9pB3fqe2yvgQ3J/7WV05mI2uG97bMhvw9iEnEPv2jthdc++9BcAeMENHzaDcWVW/jRkYCqVesbF1lzQSHg4W4NhNL1Lf/jweUODQTYgMthqrr+9ddt1aCw0zhc0FZ0MiGmEL6Etyc+Jfeh/RCMi0wyVh6mp/7l5sChE22EQR3IPoY17FTkAfope/xgGslOLyoeIf9mHPcIvmUflLTfxPCLAh6nULWSnBo6R/PXvDwIz3p1lxfgmNBnQv/pjFkbuAtv1F2EdkMaHNbK0FwBx26PL2HX7vkbvpW1kpwJLqTr2pC0nzuQSa1CQxM2s6Q7TPx10pwxLwRA+kXtjx8ps97+mv7Etyc+Hd5B8abPFUTtrLePtmljVVdEwR30OEAD1ZRS0y2X3+Yzl7NI9VLg8m9JDeb4KXEW9kkY5Lt23JR7bl5wCfR+77qCdfl9ihCRKy22tiJu1aC471y2xeOJ4Kcx0pfgpsDfxY2Qlq6lN9nS4pTzmRKE8VYLAfdHwT3r7Bhf6Higs9h5ComCFH7bcUTyXf056cS28TfNk1wBPQSlGty0SwDgb+T2UA1ErQaE4iJem9jZc0E95Aq3/ae7gWxw7F97+tgyjHKCY4iAoQt1ckc+BMhcKsUm9iWnUGIEKEqJqHBjZ31M9w/xcHPpHWRipPnrHaxSfFh+BPvqaxBZL+Pls9fe24NLi88SR4qZFdynuA1RSs0ISAUgs7tVH2Hbs0Eh62J8BAfPkEJKj7wNlJowoHAX2/X4n+TrdAkU+MPwaGRUkLK7yxKfcCh5svfQ3i+EknfMd/49aHB1Q+Br8JgV0EI5LJ6Nb7UQu6tJJIc0iBMwwsVL3DV06ZPiO5TD65ti0pgLxqleckg3DM1lAOnUgZbNl8dFxsVnjbCKZo0WLRftJ4Sca6Z4BiTUoVlPnbyNr0jJh9vbHeUpCqVYcrfGS0aZ1ZTaa6p8TeCYw5QNaVUyop3gtyxwaFlIhQj9QVKN05WQzoQBNeMGh90bqcif49SMk2THrKiioMXUmGoQEGkPx8EdhHCU9ASmXR4skz6ENzTUsFO0rA4NAe7GSlExDtBnBC1FWfkd9KziPtrEhwlvLvfqnI9Ee9s1XkPcMDbSNjJCdPZBUTKc0+XenBdqoH4Pg4hyC65qPYM8Gfh8kZ2fmPcMDNQeomxgwg4y4DAWTQ/zmwglMY7Z6zNPE+Xv6MRoUnRLjmvhGqgObGImEyJvxEcbZMn/IhUGsrS0Xgfgr/BFy0PYfwwx4ypcj2Ejya/ZxcIjpLPaCRsA/mHWk1+pAkfvNX2Z+vIRGUi+wlVByw2EbZmea0vtBS0MuwV/Jey1l4gLVLA8uDh/DmU5CGTgCoUvjQQWhLPJWwFJ4U/l4Dy3diLWGn9e7ZNDqqqYDTuuuWgsgrk2bUuGI4YtvBEy5sGh4bKx0NbBA378kxoFG9OW0M+PMIR8nxIPj4KNrKFx1HjbYjYsnCUEL/IOFieMaTLfKDfPNP3nzGBuD9SUw4JPClk6ReFJlx5T+rI3S2VNS9dSwoUAdV1gjcbe29eEXgK/HkmYT6QWi7MYZ6J1m0LINdgSgHrporPbXNtNb/vAsHl6S1dwOUD8MbUpntQ09la5NqM3VMKt+A3Pm6KOnImJnW+uJ/IcMgWLYgPw8gGjatu64D38/GFDkK+RJvzj/bRJghURjtkXOkXGgfaB57hLl60Eg44I1hEKA3E9smCYPlAwB57HlsbCCe3VzUdOpM/yx9CY7/xTnWHzvj7fU5tKdSn9F51mibXsp2HlLA90i+KCYArGjBEztzhEBsWtrbaaswDSAZTAmdYsD3lHhxZ4PbqlsV2DP723iz6bI2J+UPjhFDRQiF03gnNnHdinrAtr5uLXb6tVV2zCwS3KkCjM4FAILAeBILg1jMW0ZNAIBCYGIEguIkBjeYCgUBgPQgEwa1nLKIngUAgMDECQXATAxrNBQKBwHoQCIJbz1hETwKBQGBiBILgJgY0mgsEAoH1IBAEt56xiJ4EAoHAxAgEwU0MaDQXCAQC60EgCG49YxE9CQQCgYkRCIKbGNBoLhAIBNaDQBDcesYiehIIBAITIxAENzGg0VwgEAisB4EguPWMRfQkEAgEJkYgCG5iQKO5QCAQWA8CQXDrGYvoSSAQCEyMQBDcxIBGc4FAILAeBILg1jMW0ZNAIBCYGIEguIkBjeYCgUBgPQgEwa1nLKIngUAgMDECQXATAxrNBQKBwHoQCIJbz1hETwKBQGBiBILgJgY0mtsYApyJe6t0cDMHUCMcnfiZdB5s00HdG+t0PHheBILg5sU3Wl8GgVtX55Y+RhLny/4pnT3KAdAmHJb9/mW6Ek9ZEwJBcGsajQP6wkfKIb18lJwKf+J0oPMRJB0qfcAczPvLdAjxDyShnXAI85fSAb4/W99rzdYjDlR+QWr96RUuHJT9e0kcdvx2ScdIWHqC42/Pqg7DvpCkz0m6Sc1J97N1OhpeBoEguGVw7vIUThy/o6RrplPU83v+JukXkg4j6XAtDf5fOun+L10evMXXcOI8xH4USZD68ST90b3PkyWh3eUa3MsqQru6u+7LktjihuwYAkFwmx9QtlIPr7SxW0o6uOvOpyTtK2m/ivS+kj5gSA45pKSTJQ0Pbe+Kko6TvQrt/m7zrzdrD+4v6X7pCa+vtNcrZE87p6QPFQju+wW8jl3Z8H40a2+j8cURCIJbHPKDPJDt55sz7QGN5G6SXtOja4zjpdPHftZ0H1oN29hdFrbkp0oviA3uzoWXvUZFcO+oNLkfu9/4/2xPTfiNBcIWkF3GbE+9WxDc5oYbTx/ahXn86MmHJV0ybUWH9Awb3W8lHULSMSX9ZEgjW3IPGhf2R5O7S3pEx75Dim9MWjBbW8wCaMohO4ZAENxmBpQtJmR2Zvf4L0g6l6Rfj+wS7ZxG0vElfW9kW2u+/SKS9ncdvL2kJ/To8MEknSBh9Oce98WlW4RAENxmBus+kh6YPRpb2vsm6M7LJV0teV9xNuyq3FDSc9zL3bbymOJUCAkE/olAENzyk4EQBcI6juge/SpJV52oK/eunBUPknSK5GGcqNnVNQOhPXHLCA47KXbDCDpeaDoFwS0EtHsMDgS8pl4um2xCU/QGTyxbYMIl/j5FgyttI8dxzRrcRdOic47KdPDMalt8s5ViunPdCoJbfkgJLD2teyxGbjx4m7QD4ZTA+4rWR2wZcXb064fJVkhYxZSCFnvetI0msPk7kt4t6bs9HmKaqt2yNMGxiDCOp6s0yaNJIhCbsByw+loKICZMBW2aODzkI5Igu7F21h4w7e1Lg+CWHX+M2t/KHvkmSZdZthv/fNpJJWEPvHJNcLFdiOOCMAwyBv5a09cXVR/2tQu/vUHS5RNx8vv1knMln3u0SyYCzoIS2bOlv1zK8sBeaeEhbdDhlX5r8lZ/u+ZiiDyPI6xrl+vuld71qA0PJ2UMr7YJcY2EphCsHbIQAkFwCwGdHoPxHyeAF7ar91i2G/942i0q0nlSCinh/xMLBhmhffBxnlDSpSSd0vXt44lkShod1184aSs4AEzIEiCm73ZJy2l71RcmEsyvy72mbe3Y70ZwzHWyFUh/O1OlRd1Jks3/rgR3sYpYyYIwYoOs6O/HklaG9gv5Envnye2rlcf3PDsettN1PBa9LghuUbj/sV1ha+XlOtXW8MXLduMfKWFoZCZ4IyEgYuhyuXnyTrKNRfDMsp1tirHztj/+N6T52bRtgxzZ/qKxscWDaAlp8YKt6qMtmBD39jB3Td8tKmlsljnSheDIbSVu8bDpmWi1EDr35nKWtOVm24pAhKeXVKdBLjz8e+dxQXDLjvXzC9oJmgmR9UsJ2gu2IGxIyNtScHGTQwKSe5rrYCktyvfft4VdzQcz5++JPY7tm7/mcSkvtwmTpQnunZIu6DrUFtaThwIRwgIJhyyIQBDcgmAnW9DFs0d20Vam7OVbKsfBJVyDaBufbHkA84S6ahjUTc6dNJrSrX0IjvvxKmJ/M8Hh4Mmk9IwlCQ4NE+3LvhcyKI7bghnB1mh5JtheTzTlQEZb7QgEwbVjNOUV73UeNWuXD4HYqCXkJJK+7j7Ub1SOAxwNXYQ8z0e5C3EqUKpoCoLDNvZF1xDE4D3NmyY4nBtorSZoc2xPm4TtL84S/40dudJMf9UF7LhmGgSC4KbBsWsrH6hyHtF8vCwZkEvpIB/tj1f0+h07jw0JLc4EGxz5rlMQHJVPfuMagoRP3tKvJTW4PGvidamCSxt0vJMvvIkGl3vR29qI30cgEAQ3ArwBt+ZVLGiCfFRsUEsIhOa1rvumOK0uzyZejTgvcjhNKNlUisrvu0Wlxh1FKk3WRnBXqrbnr3b9Y5uPh7lN8EabrZNrsTdSRj1kIQSC4BYCOj3mlZKukj0SWxM2pyUE58LZ3YNuVNmFntvjwTgMKCppwkfOx57LrhEcmIGdyecze2QJQmx0vtgBwb1sUXc5u6THVFrm0iC4ZXC2pxCaQYiGFwjPawdz9oh4LLbEJlS1fUWPB1J408fFUWaIuLBdJzi0MMjdtuSEuOB4KIWIGBbEwr3UAfPaKlQGTTBkQQSC4BYEW9INChoTsXFsFZeQvJItGQYE93YVttIEypoQw+a9n/b3XdPgeC8Cssl/NWkKZcHBQDksKz7KPU1e5674x3U9EQiC6wnYyMvRftCCvCyZqvXNLFSBFK0+lYOt1pz1H8Imti+XXSQ47ITvybb4kBxFNr0mh0f40ZmN7gEVQJRXD1kYgSC4hQGv0nhIXeKAGROi+rHXYJCeWz6dTpuy5+BwINyjqxBWQpl1E85A8OET9vddJDjejaT6x2aeZ94VzygeU5wIVBo2oWT8XVIFka4Yx3UTIhAENyGYHZvKwxu4bUo7HF5OUoo46wHNwUse5Nu3Cm4e9kC1DG9833WC4/2wvbFQUI4KDzLhLJx/Qe4pjgS0OcJpKIGOfTMqh3T8MOa4LAhuDlSb20QLIAyCj8KEdCmfXTCmV7YNfkZVuocUKy95LiwlviG5LoL31JczIpfzSFl4x64THNtUqi5jW+Ms1Wd3AS6u2RwCQXCbwZ7E9vz8gL4G/7qeW8WSp1QJ8bfJLoJEfVgHNqULdIQgjwWjssjZau7d1S2qlYQiyJnSVxzAHbJiBILgNjM44A7R+LxUij4S9OuPtxvSu4dU9rx7Vhri49Mp774NvHtUA7HqHdj9KPHjswjqnkm8HE4FE8gTEi3JLhLcXd2pXQ9NNeGGjE/csyACQXALgp09iu3du7KTtcjHJMfRH4fXt4dsd6lbRt4oH2Uu/kPlN3JMfemk0vOo9UbJI6txhmMEZ0OdfWnXCI4QD7amlsVBqhYFAsYuRn3HNq7viUAQXE/AJr6cyHYOnKFkkgkeOYox8vc+gvYHqdmBxnVaBnXdcEJYjBYkRflw6rWVhPLlpJjhUDBpCy/ZNYI7fyHbhGBfQn5+XoMbGJDaRmoWTgdIMQ8R6jO+ce0ABILgBoA28S1oBWQ33C+reEugKF444uTQnvIUH0ISIDWIB7vbPlm/mmKvsB+h6RGzhUByxGlhY/pR+huFHSmlzpbXsh/oA17gR7ZgsGsExxh9IgtyHjINXpIKfIZndQh6A+4JghsA2ky3HCvZzKhc4WOpeBzaAoZtKsNSJRYPrK9S4buE4RtypNpt02ntlN0mpotYOKtsSztoJJT5gUB9Yj3aB9tZToQvCd5hDq6GcH3VYrQYAl+pOcc/X9WWUk3UoyPXk7ZNKCmENsp7UNnXSgxxHgLaFIe4cASfj8kjiBnNlG2+/SM17W+pUWyNlKaC1DnPAe+xzX8wo8oKMYr84/5cMyMc5O0T1HRDG+bgmchJnelD8s0GwS0Acs9HQDYQBVtNqu/yYRGiAbGxvcQxwAeJFoCtjoRuAnDJMuDELovR6vpYwko4k5Xn8SyIgOdgZ6P9D6YT5CG2ugNneFbdoTO+Hzg4PCnxHlQpaRIyBdAaEQimrQ6bb4sCnSTG972X3OC8KAJtYFIgNIQt+hjpmwM85ll7+t4guD09/PHyPRGg5DgOGRYSFgQyFZqE5HwqNqPB+uwVTA+QXMjMCATBzQxwNL8zCEBSOH+oW4e9E625q6AZswBwIUkAAAIoSURBVF22742tOlvzkJkRCIKbGeBoficQ8BV9hx4eQ1oXJeORILiFpkUQ3EJAx2O2FgG+EYKwrdAnNkDOZOgrvlhonY2vb5txfQsCQXAxRQKBZgTQunxZdjywfePZsL/hnTWJPNaFZl0Q3EJAx2O2FoG8yMAl0/GPXV+Ib2zfFNbCPQRyE6pC+EzIzAgEwc0McDS/EwiQicCpYghHPxLH1qV+H7GBVHWxsBJKLHEvaV8hCyAQBLcAyPGIrUeAuETyhi1mD8IjSJq/YZ/zQbsEI0OGZIFwJCM5xwgZIoSGLHXA0NaDPsULBMFNgWK0sRcQIC0ObSwP70CTI+iab4lgbCtIYJgQK/fM6u/kBtflre4F/DbyjkFwG4E9HrrFCFBZhOMSqYXHubAE81KQgG+JGDkqjJCxQUYJGt7+NUVBtxiC7el6ENz2jFX0NBAIBHoiEATXE7C4PBAIBLYHgSC47Rmr6GkgEAj0RCAIridgcXkgEAhsDwJBcNszVtHTQCAQ6IlAEFxPwOLyQCAQ2B4EguC2Z6yip4FAINATgSC4noDF5YFAILA9CATBbc9YRU8DgUCgJwJBcD0Bi8sDgUBgexAIgtuesYqeBgKBQE8EguB6AhaXBwKBwPYgEAS3PWMVPQ0EAoGeCATB9QQsLg8EAoHtQSAIbnvGKnoaCAQCPREIgusJWFweCAQC24NAENz2jFX0NBAIBHoiEATXE7C4PBAIBLYHgf8HDVYy5UrYBYsAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-6"><g><rect x="315" y="95" width="50" height="50" fill="#cccccc" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 48px; height: 1px; padding-top: 120px; margin-left: 316px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">CA</div></div></div></foreignObject><image x="316" y="113.5" width="48" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAMAAAABECAYAAADX/TrJAAAAAXNSR0IArs4c6QAAB9FJREFUeF7tnAXoLUUUxn/P7sTEDmwFuxVbMVGxW2zsxhYVFAsVxQ5UEBUsFBO7MbC7W7G79uPO+vbNu/f+d+9euffNfgceD/737OzMOefbmTnnmxmFxRZosAVGNXjsHrotgAHgIGi0BQyARrvfgzcAHAONtoAB0Gj3e/AGgGOg0RYwABrtfg/eAHAMNNoCBkCj3e/BGwCOgUZbwABotPs9eAOgfAzMDawDLAUsDMwGTAdMGpr4FfgZ+BL4AvgQeAt4E3gReB34q/zrumreDGwWacwHvN2n9hvTjAHQ3dUTADtmAb1PCPx22r8A+jc1MH6X5qRzFHBuzeiaBvgMmDhq5yTg+JptN+5xA6Czy1cHLgbmL6j8CNwC3A08DHwevvq5imaExYElgY2AVSJQnJHpH14zynYHLmnTxrvAvBkI/qnZfqMeNwDau/tI4FT4jyz4d7bkuRQ4LgR92SCZGTgs+2LvBUwGnAMcVPbhDnoPAAKnllQLRDqrAQ/VbL9RjxsAY7v7hGgpoXX7TtlMcG2NyNDy5FjgAmC/Gu1o3/E+MB6wMnAXMEWhvcuzvcduNdpv3KMGwJgu3xy4MYqCXYErakbGltnG+YawdNmjRluaTU4HXgMWAq7ONr47FNr7HtCso/2GpYQFDIDRRpo2ZGymL9jtXmDtEnYcSUXB+gpwZfYF32Uk5S6/Pw8sEWYozSrrhlmg+Mh2wHU13tGoRw2A0e4+DdDavyiLAS/1ISKUHfopzC7b99jeIoW+aO3/RthgfxS++nmz2qALGJYSFjAAWkaaBPgkS1FqFsjlWWDpEjYsq6K0pTbTf5R9INLLARr362zgwIKu3jF7GE+Pr2rOYwZAy9ft1v6HAmcOSSjIT0pzzgnE/VJh7pmon0eEvcKQdH94u2EAtHyjFGecPVmmTWANypOqJyi9qRz/HICWPUV5FViw8IeXs+XWooPq7Lj0XgOg5S1tULVRzUXLiCmjItcg/XoRsGcovq3apiPHZPuBk6O/a/mm5ZKliwUMAJgoBHqRxiAOT7ECPMggmjBQH1RlFiXjwjadEU9JPKCiP88D9h9kx8eFdxsAoOB5J3LWI4HGMAw+3DjQL/7MqBmzBrJdu36pzysVfvgq6Pe66R6Gsf/vfTAAYPksbfh4ZOk7gQ3+d+uXe4EKaCqkqeq7fpdHRLeIZ4dNA3jKvamBWgYArJF97e+LfK+g22oI4kH7EBHuRLkWHUOV306iJZJYoloy5SLatDJclg4WMABalV4Vj4oi3k+vBat+BtvOgYahswYzAaI6dBMxVbVkyuV3YJZsL/BNPzuVUlsGQIuyHDMobwU2GQJH3wOsBdyUVYG3KNGfnHNUVBX5TiQ8SxsLGABQpBjkJnowUI4HGTT6cutUmbJTB2cHcm4r0RlVtJ8Ole1c/SlguRLPNlLFAGjl++Olhfg/4gENUnRu4Kw+dUA1DjFILZEFDICWQd4LNIPcPEodChi/DTBiRG8QzaEfIh7R0f1oKLU2DICWR0Uf3iZy7iCpEGJ75l9srf21BygrKuwpG1Qk9ok6IR6RKtyWggUMgJYxts6OF14fRcYgyXCiNYje8AMwY0bTVhaoilwG6CBPUbSZjtO9VdpMUtcAaLlV53W14VQuPZd+7wN0mF0ZGXH1ldvvJqI1zBPy/sr/V5V2qd1rwg0XVdtKWt8AGO3eE8Oh96LDVwCe6FME5Mss0Rk+7dKm3vlY+F3VaFWlq4oyRzrfoNkjFx3I0XFJ3WxhCRYwAEaHwuRZ9Ve0Yh0myUUbUVEl+nGhVc44nSGbCcTT6STnZ3yffYOOUqHiAPUiyv2LPFcUFdau6qWxVJ8xAMb0rKjGWifrQqxclD1RFqWOKD+vL6++zLrY6rsOjem9+nILJKJA713jpe0KfLpSRdQPS7CAATB2KOgmOB1eL9pGRw7r3Oi2Yna4/tHwKs00ukKxnWjJc0f4QXf/qCDXq6j/H4QrHPM2dKBmrvD3XttN6jkDoL07lXoU8Sy/91NauhpFs4FSjGVFwS6Wpi7Umio8pDRlJ4qyOEjbAh+Hk19105YqpMUXcSm7dErZAaSuZwB09rBy8ToqqQuoclFaUkF6e/g6xxtKLWFUdVUBS9keEdOUYSqKLrVqd32hwKLskP5X4B7Sh+BbNqNQPxm1o9sk4hvl+vCqcbMJA2Bkv20IHJAdR1wzWhbpSQFAN0EroLW21wW5xf1DsXVVm++Pzh7rKkMdYtF9ogKNbniWaB/wQrj+UFcgaimkDfpIollGd5IqwPN/ukcoFp0Z1j9tzNWuaNO9brZH6tNQ/24AlHePUojrhayQCHQ6nK5LtLTBFQBUrNKNbF+HANYyRtVc1ROeC3WG+G1KsZYhqmn/Ubz6pFOv2x3uKTNCVY2/LaOYmo4BkJpHPZ5KFjAAKpnLyqlZwABIzaMeTyULGACVzGXl1CxgAKTmUY+nkgUMgErmsnJqFjAAUvOox1PJAgZAJXNZOTULGACpedTjqWQBA6CSuaycmgUMgNQ86vFUsoABUMlcVk7NAgZAah71eCpZwACoZC4rp2YBAyA1j3o8lSxgAFQyl5VTs4ABkJpHPZ5KFjAAKpnLyqlZwABIzaMeTyULGACVzGXl1CxgAKTmUY+nkgUMgErmsnJqFjAAUvOox1PJAgZAJXNZOTUL/AuOgwtUoqGKWQAAAABJRU5ErkJggg=="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-7"><g><rect x="295" y="165" width="90" height="40" fill="#cccccc" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 185px; margin-left: 296px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Join Token</div></div></div></foreignObject><image x="296" y="178.5" width="88" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAWAAAABECAYAAAC/K+/YAAAAAXNSR0IArs4c6QAAD/pJREFUeF7tnQWsNbcRhU/KDCmDSmmSctqmzFU5TVNm5qrMzMwcFVRmblNmZmamlDFlxv1aW7Ks9a73+t533+5/RrrS/7/1Go69Z2fHM+O9ZDECRsAIGIGtILDXVlp1o0bACBgBIyATsBeBETACRmBLCJiAtwS8mzUCRsAImIC9BoyAETACW0LABLwl4N2sETACRsAE7DVgBIyAEdgSAibgLQHvZo2AETACJmCvASNgBIzAlhAwAW8JeDdrBIyAETABew0YgfUicA1Jry5U+QVJ51xvc65tzgiYgOc8e+77bkTguJIuJOkASQdKulbSSRPwbpyxLfbJBDwd/NdIuvqE2+4g6ekTyq+j6JEkPUbSzST9RtLdJB22joo3WMfpJH1vg/XnVYPPvTfc3okl/dIEvGGUZ1y9CXj65J0naDj7Sdpf0nklHT+p5h+SPirpK5K+LOmtkg6f3kzTHbeR9Iykhr9KOtMW+jFlECbgKWi57CIQMAG3T+NLJF0/qeY7ks7YXm1TDS+XdJ2shmtLelVTrZu9OSXgB4QX2M8lHSHpz+H3L0n8/i3pmRnuv5C0T6GLrPOjSDqepOdIunT4QrAGvNk5de0jCJiA25fIbiRgCOyhydD+EzZ/vtg+3I3VEAn4j5Kwo47JCzqTxY2TQpD1ycdu6up+gqS7moArkHKRjSNgAm6HeDcS8LE6wn2DpMsEjfH+kh7dPtSN1hAJ+EuSzlHR0qoEfEdJTzEBVyDsIhtHwATcDvFuJOA4qlN2G3B/CL/2kW62hkjAb5R05YqmViVg6ubl5E24CpBdZLMImIDb8d3NBNw+up2rIRIw2umdK5pdlYDxw/2cCbgCYRfZOAIm4HaITcDtGFLDCSTdXdI7JH2oospVCfg4wf3sg503yzsr2mkpYje0FvT2gHtNwO2TbAJux3CVGlYl4FXaWvUeE/CqyO0h95mA2yd6XQSMny6fxycKfsXYbn8lieipr7Z3s7mGI4f+0ceTdtoq3gr0DZ/nfzbXPr2CTREwnhQXCGNkLv4W5uFbkj41caw7TcC42p0v+KefRBLeLwTi4I/+GUn4qK9DGNdFJGE2OrqkH0l6v6Qfr6PyPakOE3D7bLcQMAEcd+kW7i0lsWFWkp9115/d+bE+sSv/u4Fy3x7whT1z5xv89exe/JUhlj45d7CVXkzSTSRdLQs4iffQJtc/0g7lpBrWScC8XG4QIgbPPtALXjqvk/SwrjzjHpMpBIz55XEDFV5TElGYfbJ3R673k3TzwhxxDy/0Z0l6ZCDlvJ58HcfrcVOUlxH+7jeSxNrIuQP/bOrHfr8uoh/Dd/bXTcDtU7gqAV8whAejqSBEq70tkB4ke7JOq7hEZxOlXJwnwlqvErTOvp6fOjwc55J0q4zU+wgYjeniki4achZQJspjw99pf0zoOxGCRP/tlKyLgNF43xT6T9/RGnmZoNGBN7ZpCOdynSvfMcLg0PhxZ0ujDfvGPYWAsU0TIALBXTVU9vbgsfHZ8LXx955GwP0tQWPnMhovLwm+mnixoM2zZghPR74r6SBJ38jqOk1ne79UmPObJtd4aVMf46WPY/LiMIaxcr7e8xYzKNMRWIWALyzpXd1O/DFDc5+URKTa93uaRwMlsi1qyJDdZSs2qt4dHqhYZR8Bp809uCOfByV/4CVA4Aa/b4aINP6GtnWlnnwYvDx4sHdK1kHAaHWYFU4fOk00HclzPtAzCAjqZd28MXdR7tGR0uMHBjyFgKmG/rA5eJYQtXi94MddagKzFf2PxMhLA00Z01UqrCHmB/9w5GshhP5PhYp5CUXh33wlsQ7w0f5pWAtovGeTRNj7qbJ6zt+tBda0ZQQBa8DtS2QqARPlhe00PvQsaD57fz3QFQITWNDY25AfhGCFIXNEKwFjFiFstySE8T4quUh4MATy23ZIq2pYBwGTNpL0kQhEw5fAkCmFUGYIjzwgCJowmc/4W59MIWDWxXsCMb4+vAiGbOtotB8LNl/a/okkXrK/L/QFE8XDk2tDL4+UgLHr8mVVEsaIW19a5kkh2rBqIvfkQibg9tmfSsD3yqLSyFSGbXdMntZpNrdPCt03I8D8/k0T8FGDZnTapGFMJn3a49jYVrneSsBoaR9PGsYMcUhFR8iEl9picWXDPNFCwLxY0VAvGcwhtDFmR+VrA9NDlHuO2JDRUtksi4INe99Cv6cQMFVg7sL+GwVNnLFYRhAwAbcvkSkEDN4k64naL61DYGi0Y4KtL9W0uId60Dz7ZNMETJuvzPLdDm0UjY1v6vVWAs7vJ6/Eiyo6gd082oYpDlmRFa9vM7NGA8ZO+9oQ/QcJY//F82JM8rSomC0wLQzJDzNNFbMWX2C5TCVgNO/UU4e9AMwTFhPwxtfAFAI+a3AJip2CRFMNcqizkDe2PWywUTBd4GLUJztBwOzas3sf5YZdJjjw2AlpJWDsvXEDlP6eYUI+Yjal4kYZ95ZyPo8RMHPKONh4Y76wrWPjrxHWAiYfBG2Z/QTsskNCgAvuY1HQ3PuCUaYS8LGDW2KsdzdkBKzBcOtlrAG3T8EUAiZB+nOTJt+bbZSN9Qaf29QrAbej5xVu2gkCJsEPJpUocyFgyBaSiFJLYLE8rlz3Se4v7fyPEfCTO6+FOwWPC0wKfxlbAOE6L+10wxYyTl8mpWrQsC+fXCRlKV8xuUwlYLxD0r6bgCsn0gRcCdRAsSkETAIYbHVR+ORNUyqO9ealnUcCO+NRcBVLCTC93wRcRvMKIVF+LDHlS4R72KDELzsKG6TYlHMZIuDU6+T54fSSsfmP17Gv8vKOghkqPXmjVA8udXEjlzK3yBSCeJ8JuHYmGsuZgBsBDJ/ctQnZeWh5eKPgR3rbCV1go4MNjyj8HzegPjEBl4HlJcbLLAq2U2yotXLd4JIWy+NTi0tYLiUCxmTx1KwwroW4JtYIfr14SrRKydPFBNyKbOX9JuBKoAaKTdGA85MqprrrUD7NFPaKzqEeMjABS7UJ2cHq1uFEjYgbblQEW9RKTGkZyxOpeIpKAiYh/AvD5l0MjuBWTApsXJV8c9PqidrD7BGl9AKoHU9ezgS8KnIT7zMBTwSsp3hOwEQOpRFl6S35xhGuZUQY1cqhmcZMfWnUUlqPNeAyqoRO89kfpTYJfCyPt0d6vBPkmXq2xHK5Bkw4MJtl2EuvGIg4vQ+tGJvwmOTtc5gpdu11iQl4XUiO1GMCbgc6J+APB4f+vprjpku8xoYcdrhagTQgjyjURy6JPjEBl1HNP+Gnbhpht+flF+XzXVg54d+55ATMdVzMsEG/L5xYknohYMvFS4EAiyHBe4Ew5SiEH6feMbXrqVTOBNyKYOX9JuBKoAaK5QSMbY7ENX2SB2FwMkPqzjTWGxzv03BfotHY2OsTE3AZzTwIg+i9E46Bn1wniowN0CiQIaSaS07AECyhzvj9RmEjFu+RKNijIfMhX+ADJX06awxXMA4vXYeYgNeBYkUdJuAKkEaK5AQ8ZNcl2QnEGIWQZNI71go5GdLoJc58S+tL6zEBl1HFbYqQXaL5okDAtWHU+WbqI7qwZM7dy2XMDY3y+PJCuqkbGSHDHKxaEswYmDMI4oiCe2Ia2Ve7pvrKmYBb0Jtwrwl4GCzCN9nkQvMsRRnlrmFoQunnYdoCuQRwFzpa+CNO9zz4Nc73PMxsNMWNG/IE8LdSPggT8PDcQlap6xiuXYTQ1giJadK0lQdnYcGxjhoCpixeNGkAC37JRD4OnWJNtFnquUGKzAfWdL6ijAm4AqR1FDEBD6OIPY7ooZKGw91vDhsq/JvNFTSaIYd6PBfIfBalFI2U9yy3OxKKymZMSUzAw3OL+16aTpLEQuTXGJM8CIJQXv7Wl7uhloBpMw+SIIE6L4hSdBtrMu0vduB9Crl+x8aUXzcBT0VsxfIm4DoChsz43O+Tw7toNFIVIqQmxD44JORnJaItYg+BE4I6JGi9aEOEMkfh5TCUucsEPIwp2cdISMPpHgihyXgkjNlRIe3U95osY0TG9ckUAobE0Wqx5UZhzyC1NadtkEwf97PUlY10mYQ1j4Ukjyy3/+W3iDKWDY1yjoQbQ7Rw3QQ8DFzUgPnMx0aXaznpbjSmBeyzQykiY2u5NwQhyqlbVN4r3JNw3o9S475mAh5/KHJvCPxzUy+TvAZSVxK6G0kPLRXbaylz2RQCpi18vNlDiMKX1AEDp5bwwiebXips7PI3Eq+XBNsxL6CSzdsEPL521lLCBFxHwJTCvYzPVB46FigaMUeoY3KAdPFOQLOtEcJBsR2TdhChPjQriDUeG8RDzguAz8w03SE76NgMxzJmmYBrZuL/yYTQMuOzQE7eh4Svi5hpjig3IhZvl5Av2b+Yc76ASjKVgPMcv9RLek/s0ykpxvbQPA8LCfrTPtBv7iNDGxos9bLXQPYzNGeyt/FSx4umT0zAdWunuZQJuJ6ASyV5AHE749iYKcJDwQPAZyabc1GIhGKHnoc33aU/IrickYGs72HktAMCQPhBGGjVaXQWmzzkLIDg2VAkNyx9YDMJswgBHemmFESEnZkoMfxcI+HziYybFJFj2KXTCDLsmAQofKIiNeIUrNAC0TQ5BBIzAT82oNLPdUiHcRGUEH+MlT6NCZowEWppMAPH/5Akn3P74kkS1IO2i6YMcZe+djBJgSUnUaQ5nOMcstmHG1maSpS5Jp8yJE+kXSr4HJOvmBc8UXepkB4Trwm+kNJ+lsbM2mFTmXWXppDEjxiMWQupRwcmGTRt1jc/UlpGAS9c4jgINM2Kx/plnbLRyZorJYkfm5fFXzcBD08x2i2fhRxDg3kBUsSDIR7Xw4kKZCOrzWLV1xpt4BuKRg0Z0gZHzPB5SJYrFj2JVyA2XI9KwkPDTniNQCy0M3QoZ1oP5BwDD/KTMErt4SpV491R019O5iDz21SpsV/GOiFAfLL52oA8sQ2TvAYCAi/IHeLkpdR3dFTat6HDUWO5/IgozoMbywWBVgtJ9wn9JbsZ11lHrCvMDBwkivcML1H2DEil2Xd6celQzrQtlA1eglGY3zS5T1+/8FMvadpT53Nx5U3Ai5tSD8gIGIG5IGACnstMuZ9GwAgsDgET8OKm1AMyAkZgLgiYgOcyU+6nETACi0PABLy4KfWAjIARmAsCJuC5zJT7aQSMwOIQMAEvbko9ICNgBOaCgAl4LjPlfhoBI7A4BEzAi5tSD8gIGIG5IGACnstMuZ9GwAgsDgET8OKm1AMyAkZgLgiYgOcyU+6nETACi0PABLy4KfWAjIARmAsCJuC5zJT7aQSMwOIQMAEvbko9ICNgBOaCgAl4LjPlfhoBI7A4BEzAi5tSD8gIGIG5IGACnstMuZ9GwAgsDgET8OKm1AMyAkZgLgiYgOcyU+6nETACi0PABLy4KfWAjIARmAsCJuC5zJT7aQSMwOIQMAEvbko9ICNgBOaCgAl4LjPlfhoBI7A4BP4L0T+GcqD3lpgAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-8"><g><rect x="295" y="225" width="90" height="40" fill="#cccccc" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 88px; height: 1px; padding-top: 245px; margin-left: 296px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">kubeconfig</div></div></div></foreignObject><image x="296" y="238.5" width="88" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAWAAAABECAYAAAC/K+/YAAAAAXNSR0IArs4c6QAAEpRJREFUeF7tnQWwNDkVhc/i7u62yCKLu7tL4e4UsLg77ELh7u4UsLi7s7i76+LuLv1BblX+/OlO97z3ZvrNnFs19erNpNPpk/TJzc29N/vIYgSMgBEwAitBYJ+V3NU3NQJGwAgYAZmAPQiMgBEwAitCwAS8IuB9WyNgBIyACdhjwAgYASOwIgRMwCsC3rc1AkbACJiAPQaMgBEwAitCwAS8IuB9WyNgBIyACdhjwAgYASOwIgRMwCsCfgdv+5CBuh8v6fc7eG9XbQSMwAQETMB7g3U8Sb8YwPDYkn47AeNlF/24pLNKOnLlxieXdOiyG+T77RgCx+nG6gGSri7pNJKOIuk3kr7e9f+jJL11x+7sircFARPw3jAeRtIFJO2fPteXdPSs2NwJmKYeVtJ+kl4l6QxZ203A2/LazKKSi3R9fLCkE0n6t6Q/SDpm1rIHSnrYLFrqRvQiYAJuD44vdUR25l1GwNHcj0k6nwm43cm7rATj8ZBEuKx40IB/KunEkl4h6aKSSgJGsUArvkXSku8u6Q277LnXrrkm4HaXmoDbGLnEchH4oCQ0YOQ8kj6V3f5aaeVTEvBtJT0jK/fXjqzPKOn7y22675YjYAJujwcTcBsjl1geAheX9L50O/YiMInlcsSkDT+uMEG8XNL1irLXTWaM5bXed9oDARNwe0CYgNsYucTyEECLRZtFPi3p3JVbX1LSzyUxdkPQiA/K/v+PpLNL+sLymu47lQiYgNtjwgTcxsgllofAV5PpgDu+XdIVRt4aD4nXd7bjy3T24X9JeoCkR4681sV2CAETcBtYE3AbI5dYDgKYF/6UvFy4I4R6jYm3PknymMBrwrJiBEzA7Q5YJwI+qaQftx/ZJWaKwKklfSdr22s6MwObbpZdioAJuN1x60TAJ0y2wfZTu8QcESDAJrfZ7gYCps0EN8XG4RxxXVmbTMBt6NeJgHdDEEm7Rza3BD7d+HaHzJmAcXEjLP46kr6Z7NZs/FkyBEzA7eGwTgR8JEl/k4Qtkd1zHPoJZ/1HCr/+YufU/zlJW3lRziTpnJJO0G3ycD9CY78r6aNbzENxqtTm4yfXK56DvBZ8fpjCb3/V7s49SkASeAIcNwU1YBf9ZWdX/XxHHF+ZWFerOKHhRFgSmXisdB8wyT0VWnVcWNKHVkjA8MVpuwCOc6QIvGN0m3n/lPSz1MfgBpYP6kj3hslWDZ4X2wE8W1jtit9NwO1uGkvAENonB6p7WvfS3UHSjbpB/JKecoQ9E8lUCo725+q55taSntvzWx4JB6lCXrgj3awIW80vJw/GkzuSeKKkP7bh+V+Jw0uiHfeWdIqea9h5R2NDK2Inf4wctTOZ3L57wW8nCftnSyBgwm9pe58QrnvX1F42pPqEyLJnSyKB0e96Ct1K0nMqvzEpcJ8jpCi1m0q6dPq/LP7eNCZ+0nOPKyUCI7qNMXC4Fggp4u0+qdy3EmnWLmOy/NqI+piw79ztH9xmoC6qISSacUYoPMLki0sck7qlgoAJuD0sxhIwg+5CnW/mVbpdZsI8wRaieZ6kzyafTV5kXsqzpZeJFzj34+wjYGxoZ0kflnQRBUXrxxIwLwfaCJrpGOHFxcWJv0NC297SJX45byqERvRmSZ/oCPkvknjJcfiPPAXs4qMdtcJgWW6/tiPBIEle7A9L+kCyY0MKkD3lwJBQW4QAhHv0NBgNlPsyESFEg70t9Q99g42cQAfKxbvBhESo70cqdfJMl0r9cZO0mohid+m087sNTEh5dSTPYdXw5+IekC2rk6lCyHEQ8MlS3WitEGg+6YwhYDDG3Y2yCP376mTTBRvc22g7z89YCAFbNF/GgaUHARNwe2iMJWBqggReliKOIF9eZhzi++Sxiazj9z4Czq/nxXpE9sVYAuYSoqHekSYGlo18MBOcTtI1k5aTZ1FDC2Sy6MsOx7Vo/UwOyI+6F+6KFed+Xno2YU6fykHMEHbf8htt8U2pbVyCCQNsyHtQE7RjyBpzQh8BMzm+K8sSBzEwMXyvUiHaJlgFWUEmly2W/+Vl70+EE9+DBRtmfH4g6dfJheyUiawIIc6F1cOjG8Px/MmUE8Wm2oDfnSaMuL5FwJArZgXGB8LkyYRT6wfIF22eTbeQq3Xk/MbGM230zybgdvdPIeCIUvpGehkhsCFZNgG3sqFhE4VI0ARDIDbIuSZ5+9Gw0Rz7NB4IEA02BK35ypVKIT2WrKGlsoyFrL7dwPK+3eri4T0ETDY7iCTMGCz3IYohmzETD8+Cpo1AonzXZ44oCXjfgdUDqyWIickqhFUSmuSQLJuAseUemDWI/x860EBWZuSpCOHdyQm58Xib97MJuN3nYwkYrRTtFKJg6YUG1JK5ETDtvVxacuZtr2lKeFTgU4wWjJB7FnvlkLAbHtoUJgW0QTbQcnl+lyDm5tkXmBPQalsCSUOYNQ0Y7TKP+sJEhG23JU9Jdvsod79i9ZFfP4WAuY7VAKaHEJb2rD742yfLJmAUCSaSECbovM21drKqys1c5ClmBWOpIGACbg+LMQQMSTwmLWchX7SlMTJHAqbdEFm+RObZ7lU8EBuKEFQIm2V5tq3a87P5yCZkyA3SUj/+R/MmO1donX9PmvCYUzww/2DjhsBzGzBjnEkx38SD+Mf0UbmxyjXUg7ZfylQC5vqSrND6eYY+WSYB4+GQa/tMDPRL7dnz9uaZ2vjeZoiBDjUBt2myRcC3TF4IaHKQ75TZfq4EXGqMbEBhQsiFjZjcNIHdNHeRqiHL8pUcBCGsGtAqQ9B8IdAQbLbYXscKbnW4kuXkyne5rZnfIOAxwvsBIeKqF8KSuma7XoSAsZ/nm7AtE9EyCbiMuqtlXqthyAZsvhLCA+TFY8DexDIm4HavDxEwYaC4jaHJQL4tj4HybnMlYEiPzboQNs2OVmg/TDT45oawEfflBpwlsT8zuZjFZbjTMaGFDHk0tHvu/yVIQI4nSggbRWwkjRUmH2zbIbQvnyTi+0UIeGrC/GUSMJNObiNnDLAp1xImTTZRQ3hH2Cy0VBAwAbeHRR8Bk1WK2R63Mnwp2YEnOGCKzJWAsduVm168kGyIISz3WZLm4wdNEV/fIeEFzo93eml3nxtnFxCYAMmEkHbxWVMArZTFJSs3n6CNoZWNFbxaMJWE4KnARFLKuhEwz4dbXO4Vg6dDK9gFG3F4u1BHmTB+LO4bUc4E3O7mGgGzGYFLD4ECIezA379d3R4l5krA2CJL9zmWpOGyRSRXkPHER96jOOSW24SZyPIz7Ma45bXuTzAFrnoh2KmxV48VJgD8Z0P4P/Lx5nWsIwGTbQ0bbkhLm8WDBVNc+GQzKWPXb9mNx/bF2pUzAbe7tCRgbJ048+OEHwONWtAIsefh7jRW5krAPFt58jPEyK44gnN/6b3AeWQtt7sWLriHcchkyHZs4JQnQTwhBUi02hK/U56gihBMTkwMpawjAV8+BarEs2KzvuCAp0aJFa6Bzjk8MNJMwO3XsCRgHOpZjqMVYesiMi3kMynAoLUUj/JzJWA0mdKNDmLE1o3UNOSxngVDiJd2ZY7QeWW7iwZLvLAwOeC5cacJdRJCnmvM1Je7yUVV60jAPBth6XfM8HpnCh7KNyIZD3ie5KYebMH4eePJYulBwATcHholAXMFpgZMDiyviHjLz+XCFxi74xiZKwGj7ZY5AiKRD8+FOxLRYbnsvw3H2xCMgC09hEmulmthDLZRhrwQ5DEIYUOOEPCx8oKUOyOvj1wSpawrARM0Ark+uLAHY6IiQpLNWcKVg0tQPpjk8G5h484ygIAJuD08SgLmhc5fwHKXHWKCjGK5PnSHuRJwGYyBuaFMsoO7Fy9fCK5HBGNsRYiOy6PD8pwGi9Zbel5MPUWibFPfBLuuBAzu5KTAe4QN0vek1JJsyLFBB8myKsQDBjdENlZL89Sifbf215mA213c8gOmBgYlWZ9CcEYnD0QrreNcCZgl+pOy56mFI5ceC9th7yNTGppWCBudeJtsRXA5o54QbPS5lt2qu4wGoz15fXH9OhPwUztt94BErrnXSgs7/95AwATcHiJjCJjwWpKu5C47DNinN6onwiyP2iJN5Isa12wlGU/L0T9uzSbjVbN2EPWGLTSX0jaK9sMG5VYEmzq2wxAygXGMUl8yoDH3IqKL63EXRFihYDIqTSi1utDysHvHZisbrXxXywexrgScp9y0S9mYETehjAm4DdYYAqaWcqnLEp0orKHlWKnxkfiE74ZkpwmYDUbaHE73+IKyKVeSDpogGzK5oPWTLnJRgegIZsnDhstouUXqxnOBzGchmFjKttfqxV+YTbcQov+u3dOAdSRgEsCzumPyqkVDLtIXviZDwATcHg5jCRg7GW46+fK2laAmwpijFdjRsB8PeVHsNAHjNpQHGmAmuWcFJsiSYI08Go72Q8JD+QxaiLNyYMkbAha4o2GLXVSwXUIgMd4JoCFv85DwfKxqmERDIKRDNoSAWTmQPCkS6xBggR/wlBM8Fu2vjbnOBNzu6rEETE2cWECu1DgRgO+wmbExURMCOsrTITBB4Hda+uESQUZSbX7LjyKfkg+4ZYLApQ6/2Vhy4wnBPfuW67gZkbc3F56HNvURVZTl6JpaVBVjkgTgeQ4ISJiJgNDkljkCf2TKlFnFSm8INk/xcOiT0v2q5b62bhowWi+ruDDdBE4E4+Dv3ackEA3K2GUcYCsHF0sPAibg9tCYQsDUBklwEkIIJEM6xz7iKDfwuA7fSbRLBjJRZ3xweYMYIcNIAUnZKQSMLZdcu6SRxLRAXWg6tA/7cx5gwOYTS/VawvIctYPSMUclkmiPuJVhzuB5uA+mDMwLuLmhXeVhx/n1kDMbf6VNGZswxzNRL7jyP0EjfPBTJp8u96hlFcN1jsi7SCDEBilRcRBruNyBL1ouLlQ8ewi5DDjFYyjUfN0ImGcv03G235a9S9BfRDu20lguUveuv8YEXO9CNmk46oZTG3A5gwBDyCNLohqSi5dHyEAAaJFlrgA2qEjggudAORAhJOymaKd9QignnhUszdGEc82Nc9uonxMnCJPNUzei5RFE0HeeXO1+aDbkS8Ds0Ir7j+vR8jFdDJ2xlt8LcobkhswKnDPH+XV4ZMRxRq0XjhMb0JTJulbT0CBYTDj0DxNCCNeBGxts3DcE9ypc4dgsrXm0MBGyMcVEwjhB+w4hsRD9SnAO2mBcz+RAxCRjhWfLc+eysYm7F0l6mCQRXP3IRMdkhN09TxPKBM24wPTDIaLxiRULdnwmVz6sthgPeRtZmZF6lAmINh5aAMz1r5uYka7WRzwLY3CrkZKt/t91v5uA611WZuWqleKgSLJ5hYw9v6uGOS8+ScKxS8YGFIMW7YGXmNMT4oWsJUyPNmAuqB2AiCcBmh2TCi8iJ9tCBLzcaKfYbNG4WTKi7Y3xYS4xQcNkgwp3PCYuiIWJC60RIoccIBaeZcohjZAvtkeyzfESgxUTJCYGCIjoOQgd4sLmDpm2BA2biRJCI70kdYIF9YEFpEl9B6dleF99fYdyluXzPBqYV3LtulY3ZqxYHZC+c+gUivJ6otbChj7lWvooP9Mt6sWcxmScH4PVwrf2+9QcHIvcY9ddYwLedV3mBhuBpSLAxMdEhIJxiRHRjkxkaNx49HCoawiRc/lRV0t9iLnezAQ8155xu4zA6hFgs5dcHJhlpublYEXE/kkcQcXTYPZhY8+SEDABeygYASNQQwAtFlMMdu5FD9csz/czARdIm4D98hkBI1BDIE/jiQ2aE5GnSp7Mvs/GPLXOtSpvAl6r7vTDGIFtQ4DDUSMB0yInk+Bxwvl7bAAj5ekn29bQ3VyRCXg3957bbgR2DoE8CdEiWenwnOD4JmSRwwp27slmVLMJeEad4aYYgRkhkEcC4pqHi2PpJ1xrLht2JGYnQCciKvkfX2pLgYAJ2EPCCBiBGgL4BOOPzAGtCFnhiPIkeAbtOA/1ZnNtvxSwQURl+LITqQj5EgZuqSBgAvawMAJGoA8BgnWIziMQJucKogyJHOQvB9PmaVjD5EAoObmdy5NVjHaGgAnYw8EIGIEWAvjykpGOaMp9U8g5xEtwBpGOnJBNzg/c1UjCRLa5VtKk1j034ncT8EZ0sx/SCBiBOSJgAp5jr7hNRsAIbAQCJuCN6GY/pBEwAnNEwAQ8x15xm4yAEdgIBEzAG9HNfkgjYATmiIAJeI694jYZASOwEQiYgDeim/2QRsAIzBEBE/Ace8VtMgJGYCMQMAFvRDf7IY2AEZgjAibgOfaK22QEjMBGIGAC3ohu9kMaASMwRwRMwHPsFbfJCBiBjUDABLwR3eyHNAJGYI4ImIDn2CtukxEwAhuBwH8BdxEdgdD6sEUAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-11"><g><rect x="425" y="75" width="140" height="80" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 138px; height: 1px; padding-top: 115px; margin-left: 426px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Canonical Kubernetes Control Plane Provider (CACPCK)</div></div></div></foreignObject><image x="426" y="94" width="138" height="46" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAigAAAC4CAYAAADJ9BfvAAAAAXNSR0IArs4c6QAAIABJREFUeF7t3QXYPU1ZP/Db7k4MbEVRULE7EBsDBbuw828hdieIYAdiYCsg2K3YLYqBrdiFgV3/8+HdkWHYfs45z5597vu6nut9f2d3Z2e+MzvznbvmSSIlEUgEEoFEIBFIBBKBjSHwJBurT1YnEUgEEoFEIBFIBBKBSIKSgyARSAQSgUQgEUgENodAEpTNdUlWKBFIBBKBRCARSASSoOQYSAQSgUQgEUgEEoHNIZAEZXNdkhVKBBKBRCARSAQSgSQoOQYSgUQgEUgEEoFEYHMIJEHZXJdkhRKBRCARSAQSgUQgCUqOgUQgEUgEEoFEIBHYHAJJUDbXJVmhRCAR2BACLxgR7zZQn7+LiM/fUF2zKonArhBIgrKr7szGJAKPQ+CNIuJ7RrB454j4usRqFgIvExHfHBEvHhFP1jzxewccX3RWKXlTIpAILEYgCcpiyPKBRGDzCDxVRLx0RNwmIl4iIt4yIiy0RZKgLO/Cp42IV4iIH6seTYKyHMd8IhGYjUASlNlQPS7r7stHxOtFxMtFxItFxPNGxDNGxNNExH9FxL9FxGMj4q8i4i8PquE/jIjfjYjfPiwSvxIRfzz/dXnnGRF4h4j4zK4fvygiPvmM7z7Hqz4rIj7qBATl/hFx9wUN+PeIeOqR+5lT/mBGed/XaYlm3HrUW9T9X5OgHBXTLCwRGEQgCcr04HiWiPjgiHjPiHi+gdv/4bCowfIZuv8Olcpm/aaHyfVnpl+bd5wJgdtGxCMa9f3bdWr9M1Xh5K85FUFB1F+709TQ1rxsRDxT1Zr/7Yj5b0XEoyLi1w+anW8baS0C8E6dpuIVuw1Buf3XIuKR3d/DI+InTo7aE78gCco1gJ6vvLkIJEEZ7/v3j4hPj4hnrm77k8NE/O0R8f0R8YsR8dcR8Z/d9SeNiOfpJupXPix8bxURFsBaEJTvvrlDbnMtf5+I+NKmVl9y0ILp+73IqQhKi88XHr6HD6h+RNzrb2cunuYl2pn36B6450G79dlzHz7hfUlQTghuFp0ItAgkQekfEyair4+It64u/2NHVu4XEVTVc+X2EfEJHVmBN3+Ah859OO87OQKveTDb2ZHXQmP2BSd/8/lecEkEpSUnTFOfcz6oRt+UBGUjHZHVuBkIJEF54n5+ioj4roh4g+oSnxL//tUrDAuLoMXwbSfU3Fd4RT66EoHPOPgP2aX7Hh4SEXertGIri9zUY5dCUOD/FZVfyz0i4l4bQjIJyoY6Y2ZVmB1/ufMr+6SZz+RtG0EgCcoTd4Sd8wdWP3OK473/G1fsM86XzAbveAhZ/IYrlpWPHx8BpgjRL5yb9yaXQFBacvKREXHvjXVEEpSNdciM6jDXvm8SlBlIbfCWJChP2CmvFRE/2ji6fnxEfNoR+u79IuKLu6RPX3OE8rKIRGAuAlsnKOahL+8c0bXpIw4O5587t3FnvK8lKL/T5Uc5YxXyVQsQeLqI+PMueEFkXmpQFoC3hVuToDxhL/x0RLxK9dOfRsQLR8R/HKGzXiMifjwi3qtzADxCkVlEIjALgS0TlJacfPghdP8+s1p1/ptagvKbEfFS569GvnEmAuZaxJckQZkJ2pZuS4Ly+N4QddOG/9rF2c0dQ2DNhCDi57+PUWCWkQjMRGCrBMU38WUdadeUDzuEKX/ezDZdx20tQRGezschZZsI/EJE3CEJyjY7Z06tkqA8HqXW98QVvidCic8tUmpLoS299rNGhFws1JX/fFCDC3P++Yj4oyNVyrtMsv6es0s0Z+L9qS753JrXPHeniVLes3VRT39z8L+hEld3Se2OJaeo/5q6CTEXsWVHrc1y4kjaJ/pLuO3vd+3Xh1Mi8d9LRoTEZfre31N25che+nOH3Dxy6syVLRKUlpx86CEk+b5zG3RN97UExYbmVbu66CPa1xfpcsH8U5ew0T0SNq6VJz+kJXilLiPwc0SE3DKP6fLBmJtKioO15dfPSUSpPZJLSoa3RLTbJk/yShswZfxIRMBhjRj/6mMOgbs2S+JHy+2bmhJ94d4iazUoT98FNzx/911LxmkuQ37k99EfS+SFOpyko5CdmI+jIAxJPCX0ZJJK6RBIgvL4oeCD8pEVsbjIErt0AF5lcPkg5X/wcY5l3PQO5qL/FxG/1PNC5AYZ6BPv4NXO38YhaEKp6+Ra5Rl4uP6TMxuEKEiyRUVfp1VvH4frgw+J0T61m8T6ij9H/ceyoPIXanOjDMEged9HHyYryd2QyTExlhDMtx/A9d27aCLtR3iGhMnxWzqsTW5TsjWC0pKTD7nioXtjfXmrg5PkXzQAWXTGFk5Zoo3/VlqCwl/tgw438W14i4OvGjLRJ0xB8il94yHlwP9MdVZ33Vj62C6iqe/7dJs20ECJQrOA19LWtb6mznLWEBsfTqTGfJn/pFIwtxirCEcrRdNlA2WOkIn5BXru+/tuPKvjHBFBySwjtPzWAw8gPw/qMIdrLYj9Xbp56I49Zye1RcqtI3qvT8zBfA/f/NB36tUnNokcufkWTvWrCE7vK4R2CA/k510mztKag+Uu7kmCcks32pm0E329OzpXZ9eHvMm14sA3uyS+MBY3Wg6TCVMRwb5fv9kp+N1EKcOnj+KuHeEpbZBTwu9TH4r77RZokWQAHRMak+/o7nWfuiI2JnCJ7ETIIEZvWBEvWhT5RnjZt3KO+pc6yYYqrFjm0iJzCYrswib6uj8k4aOBsmDQopj09UV9qJxJ7zt72l0Tib/t8uXYpel/9X3dw875barnLKL60aQ2JlsiKOYc5O+9uwofI+eMjQRVvj/RP3bdRfoIimu0U5Io+pNcrl4Q5xIUWixkh3ZrjkhfYKxNadF8c+4t7TCWkHqRhDYCtAPyKRUSSzv3Jl223roexjStxht318s1hMriC3vk2vxXSyEo5pvXOWgL3qybZ8o9CAKSrC1jRLrc7ziEB0wA9Oxdm2mLiPnBN0JbaJ5DGLyvkDUYioisc0pNHZLZVmGIoEgQiFQVwglfyTlpObzfe+r5k7YJMRrqV9Gb5omy3jrPiYa6OPA6N0sCT+OY5FlZHRBJUG4BwiL/g83otSvD5s8p5QNDjvw/00ArJh2Du3w8UoDfbqSSJqNPrK4rUz4Xf1SKJlm/2bFZOH1otSBJJr8hYc5gtqG6JIgeUlQfqlaetQgIsX71qrCpcNJT119VPq7T6JRqzSEo7TPGz7seFt4/GwCKk7SJjFp3iqAwN9JE9anvmUJqJ1ITnx3xmGyFoLTkROh9HdJ/jG+t9jtQ3hBBqd/1vR15Lr/NJSgWTrtnZJz5QYg6YmkRs7gX7UL9LuPkTiOaWUcG+J4QH4Lky53UklAaUN+m8URoE8wNfYskksHcUuRhB5JoU1HIgN0/EuSdyHYhKOX+9nmbJ5sWc4//qpt209oY54g7bUYRcwxNjA1Pn3hOmy3UBCE357R5p5hFtIPmhsBfGxyB0Io6yKlTZK6JBzn42uo5PlE0Ou236Pusw+Af2Gk+2nqon/m8rLXIz1f11JeJ0OYG+UyC0gGUBOUWIKjWW4ZvhyHE+JxSCIpJ2+Q9JAayXVERH/aQlqNd4KeiiKg8HZxXxOSFhFDX9sm3Vrt6mhPamTGzkF2CyahMMnZKr9b91lf+qevvnUsJCk2QxaF8P3Z5tCRDE3BpF4JicZoiKGP9Sd1sQSi7LYTQYjNmitwCQYEVbZmjBYpYuGjWjuVPpdxzEpQ5pxkjF0w7NB9FhrRGtBH8JgpxQHZpDoZ8LpiA6hQIQ2S/JRjGioWe1lMCSeTGYl/KmyIosmwz5w6J75kJutauMIEhRn1iobfgE/MN7YRvqk9sbupzmGiaaHhaWUNQkCjzaNHS0OD4VofkBw51YUoqgiAaf7XQNpWM5O73/Q+JzaGzqpKgdAglQbkFiHZR9tt1pNhmbqDtsIMfc5ZqFxyqTz4JfbJ0gbcA8l+pbcomuD6NSBv5ZMK788gHWC6VD7H827lGFv1z17+8bwlBMek6+K422fRNTH1tsYAwsQ0RFBMTrKdOCLYjg32R5+oxUdbvv26C0kdOSv2QVbvuY4TyK3NrBEWdEP7a14FvBxNTG81Ha2DBLTKVSdeCqqwiTH60P620BIUWk3mkFRoUmiAEhA9Kkfb5KYLiOe/ga1XEPNR3SjjNASJWfO5svpg7xsT8VL4/ZMtc9ejmgTUExbfpGy2CKBqfQwLDr6su9mndaZaKb5px8DEj5Zl7kUX3DM3nE9Ds63ISlFv681N6tCXshn3+EVsYAe2Calda4v3b+i0lKJ7/5s5MU8oaSs//1Z1Zo9zHxFGrR4ewYp4qvinuMcm8xIBj7ynrX+q3hKDYCbJHF1niq4SAcmoeIihzxxYzAbNkEdgx1w3JdRIUCxAzCN8pwjxQfHZKfV2vDxmci0PffVskKPyHmH9qX5W+Q0PtnmsTq4iw1hG0bbOFuT5lnRmk3dwsIRh8W2gxam3HkudL/UpiyvLvIXMebXF97tWceZc5pdbgcNKlpaplKUGh4WJaQvYJzWT5/6HxyL+sdqb2DfoWi9jM1CT0OtwGrvItXfuzSVBu6QIe9i2znTKFXGfnLVlQ1yzwzj+p878MqRx9xLWDnaR2dmBzhNOf056L1JEF9fOnrH95zxI8ZQHmZV+EWlwUxRzxvdF8cHwdMpnNKaclKMwAyhyS6yIoTBN20sgJDYnFBzFF8Nq5p2+RmYNFe88WCYo6Mgky4RYxZoydWpjumFMJnwd+HFM5k5hSaKCK0ETSSNayhmBc9XkErHYE/8oqU3BddkvK+NZo05iIAPTNFunTTCwlKMyqfGqK/HCzCeirj41W65uCfNfaQP59xRzr/0U4ttqeiebe3MtJUG7pe74mtCi1bDlp1JIFdc0CP2dBQ0bY4IvMnVDL/SZoEQRFhpzMTlX/uq+X4NmGo19VG7Jm9rkUglLaJsyXHb7kpWgJsPs4dzKVTWkMpvDaKkFpxzt/pJqwMFPU+VKQlTa6pq/tLfER7k4DWst1EJQ2omaIoNjQMHcVGfO/Kvcwv5ujiogKo7GpZSlBof2lES6CONEcTwnfnTolBH+w+jyv1k9FJBBH2R+aKjivP/Eu5qZiQr1c8gIUDOZ6fZ8CMxExdhI8+g14uQrYJwuh5GBq11xkLOrkVAs8J1324iI+vL5cCEP41Gmo3cMprvarKM+dqv51veYSFLuj1hFWH/FJOaYIly1JvyxSdtJ1jg1OiPXitVUNCkzY8GnKqM+LaAsnzXrn7xpywu4vV85a2SpBsShZpIuIUJHYr4gQcrv2IswstE1TUg65LPdZmOv3+H2rBIUJhJN8vVFGzKa0RiKXhPAX4QdCy1vLUoJivv+EqgDfeV8UZdsfQsHr+vONqTduHHj55rXyK10/IUJtnp6pPr8x11ODcktX2wW3HuZzwjePPVD4KEivb7JaItdBUKjkOcsVWXouCQe6+lRni7zFvpUtERRksbXvzwljnduXcpzYafc5Oo6VsVWCQisiv0VfdBMHTwkDWy0BXwJja61slaDYjdeOjyKXas0B34+HrG109VyfaXqrBAW5ahPMrYGgz2l3KUGRxVjCwKtKX4h6q5Gu34GMIetCj5GVYzmLX7Udm3g+Ccot3WCiaH0n2EFpMc4lVKJs88WB0ARGFS4Pgv832ZdQ0rk7fnU/1QLPMbfOtmqxETI6V1pnU7sIi30rp6p//Z65eHKAa309hCTOSb09hUu7gxOq/fmdZonKmCq5yKWYeOxALUJD8gYHTZEcJG2yr6kw+zEst0pQ2vGO6HJoLcLpk5mzyBBhnxpHfde3SlA497b+GMci/EsJSpuNWKK24ti9BvP2GX5rQsKlzB8SWkZ5jqRuSOlxVLvJoAh1qxdIaaQtPudIdc+Ew0RSwtGEDkr0JEStT+YuqJ491QIvCVWdcGgqYVzbjnZHyf5ekr3V956q/vU75uLZ+gkoo7U5r/mG5H2QfK8I50IL2lD67L0QlL7x6Te7SPl0hnJhjGG8VYLSahwR3dpM234PNkz8vI4hWyUofRm8fWPmwqvKUoIiyogTdxFzG7PcMYVpk8mH9pgTsXm/TwQo0KTfeEkNyuOHAG1AnUTKlXMdFtgu9lNHzs9dUPsWgDnRSXOcZFuV9JykVfUH1zqlsckycbWyJYKCsLbRN/yBhs49mjvBtOHafFD6zlgq5e2JoNCecBitE15pp0XKeFhyKKLntkpQWo1jG54u+oY2qQjTx9TZTnPH11YJSp9PF7+cNoPs3HbW9y0lKG2uGua2kmBtzfunnuFYS2vOPE+TWK/FNib88dqkb1Nl7u56EpTHd2l7+qUrx/ZDQYLY3tvshG1c/xQx2gJBaZO0WbjlvJgrJWlZud/kXGfHLb9viaD4XmjW6p2POtcLy9z21/fVuSzmaO72RFDgYCeNoNYmD7+LULHTXKLF3CpBaRfANmoNKW0XJOPsX9YMqOaZrRIU1TTeS1p//+7LD7MGgqUEpU1dz7m7ZPRd8/4lz3Al4J9U513pc/xdUuYu7k2C8oTdKFtq7XfCxELlOHW419zBwIzkg6yT+XiW937tGIvEDJ3p4v4tEBQ7AL4X9UmfCMrc/B4Sy9VnHclFU+c22CJBUSc+QdLaF1FndV8rNAiSl5UoHdqYcgzAUJl7IyjaKaKHs2B7IrDICnkv5spWCUqb96dNdy9Sy9xQp8Rn+qNpuapsmaAIPbc5LCL1QB1CvLbtSwlKq8Ey59OYTkUUra1f+5wU/vwey5rsgMJyuvSx3nFx5SRBecIu4+T5s80k6bAoOVGuKsXe6qyHcihWKRNbpzUp0pcNsn7/FgiK+rQp15EsC/gcocaVtKgI22yd5rv8viUNijpxdKsTbA2ZpuZg4B675Dqsts1G2VfOHgmKdrZaNb9Rd1s82sM8h/BtvyUO8FNn/aw9LHCuWRMJFTJcm2z68n2YG2SPLYKY1aGvc8dUe9+WCUrr+3Gs4ISlBEW4cJ2/BIayNdeh32vw5xwr+GGOIz2zbjFzH9PEt6bem3gmCcoTd4OMsvWOGIP2gdcHVK3pPHZGGR77FjRJe16vKnTqDIitEBRe7vVxAFNnTZQmts6mIhr81nd679YIil0NElFHnvRl71wyRuSCKDtnZEXmyTGzxl4JivnooT0mUIu7ibvOpTKEb6vhmkOaT01Q2qRlIrTaHDDa02a0tkgZb1cNxd0yQSnzYt2fQ2d/LfmmWoIy5/BX/SLHUBFjaWnKh7aOvm3aMsc5TAm/F759JDUoGcUzOF4c022AF6F6dZDXVUhKIT59tk2LfB3SNqXW3gpBkSxJZlW7DyL1vUicKbt5296xdPFbIyjaWZ/g7N8WTmafOkHT1GRUX5dDps4BM5Xue68EBSbMhHaSdY4Qv4tygrEJf0xaf66+LKPt86ckKIgsrUC98A1pCyX5El5ck1+5guzCr2Jq2DJB0VbfTd3fNEnqLGnbWpG4rT4XzP9zzB+TNpmee8dyTM2pm/FqU1pryIeek6pB9CY5tZPunLpf+z2pQenvAriwgzpNtIhFl8qVyYfPwFxhrkE4+Fv4GE207I21tCGG1IE0Kr/Y3EfLgMggTxJgFbmORG3l3W00j7NqRCUNiWRkUnGXSVgb2dr7tCfK2CJBYa57RBOWLtqE/Vz7x8aHsdWeQtuquZUtqqWdoDkmy3p81+bAva0mapvKgzI0RkzmdrP14XrunWNubaNlLOzCNh1I1y7yQsQ5p8o3VIf89iXb8n5+V3U+mikTjzGuznbQRURsvfvI93Hvgy8Kh81amAj8Zlc9JDRwNgx9PmBbJija05dtFWk3ZxoHY+Lsor50DG2bzanMZ2NaOBh6X5vR2rx/nwn/Oj5Evu12c1a0o7RootWGxKakPjHeoZH8lm60JEEZ735aE6q5OoW7fB0yF8pVYXFtF1ZpmLFgk6xcFj6UekdkEPqtFuF28iLUuwgDm4rRB2Xi4VjrA2OTpwavQ+Cuk6BohwXAUeVlPDFZSTzmYy+5PGgI5BmwwBY8fqPTTI35CGyRoGgzk4Psw/VJsn43EWq3nTDVvLZytvOnf/k5yXNT+yHdtttl1Q6iFndOo8rjuyD8UpInpEXOmVr1vDeCAse+4yf8juA+aOSzlRgOcWhDdGlBOSAjKe5xvRzMJ9NtfZ7KXILC9OTbMyf4f+RFDhcElplWwjnku4jvVg6MmuS0TVEP992pueA7MndogznBuKJtsgGieTE/SOx3zx5stk5QVLnvRHm/81WjWRDpBlvmT22mqS0noNdOtqX5cBRoUEcW0vDSSCFx+p/5DCGs/eb8RkPZavA4zfrdXKUcczbNse/fePEcotVG9BWCYtxJBudPewpZNhbv1m2IS1JD84q148ZLEpTpIWAg0liYiCwktfATsAhZNNxngPmA+nA1wfjY7KDu1/NaHxmGXU6+7KuZRc8iL0dEnXvDjp1mBjEwSfmYOKAq026t3hG4R0plHwnVY9ntc9a06FpAqULrrLDCPYXBcSAeOsyNJkVyoTq5lAnF7sbijLgVQepoGhCbvvMuTL6nrL+dUjnPCHFyVkytgqWS57CLNGovM1Zf0jQ7cBOcA9rq6IuxUaXvOIPWac/LgmyXP/ZNmiDfu3PeY4YsYgwiM85Gcg6LsYgAaRvyYrKrCdHDu8lW+/xRqQ8lhRtrCyJu8fMOf/5dn5Hi+1C2sQpD/9WGuSdef1M3edd1MF5tDMr4dU97do9QVSSmZGXuawOSgAjYGfu2a62GrMbw5DNWHyBnXH52p8G69fTU8X93IJme8zfHVIOo8plwwnf93Qy9Es7Gq0P0kP4iFnBEycJJ61ZEPzCFmU/KX99xBBZpBOvO3Rivnzf+mOL0RdHa+AZ8t+YOfVBvonxHzG0c6/Vdn8aUWYbmug03H2q3+ZTpvM+53jOtNq0tRx04wranJyMezNDmhTlrpLH0gO7Q2dZfiEaFdqUdw+ZF/YzMlnfoR7jSuC3R0i8Yipd16xzwL6tFp60tDYadjcXMx489W3yxdYPdR44cYNgcPy1GJoxHNh/yUC1NCHZA3uEjtcDzLEcMHDiFWJjgTJQm5XbgK9dCgbXPSR5mUi4TsPdycp0S7+ybzDwn5NhHzWkUKfKhI20+Uh+kScpuRTvqk1vbd9oRnrL++m/qSPe6TiZdfTgkSJnJmJoW/nbmiKZ2m7AsAiZlRM97hxYpjpMixvgr2OHZ9dstw4zfS6lzm3m21MtYQZpap8ypPrUbHeuPoefb9OBT73FdKm/nnswR+TGEDbdh+XP6xmYCAWYqhYm+8D0KaxWZYVEr6QPaHCWl/CETlXlTP+svY8kOGoZ264i+frNpsYA6zVbfDWWFHsPB94P8IoHGoHGFAPr29bUNBm0dU0BrumjNUWPvQYTaw1LdT9PHHDkmtUm3L5dU37NjuYOQSiZv/YZclTnEgg1D8ymSQ8ug/VOiLN/U7bpNhLmZBhIBZWpuU+3X5SH1TC2+a3OSbxKuCBlsjE3lqMvQAZfmASRIW9SBpsV4NLbN78qySbDBlPukPUpjqn27vp4EZdfdm41LBBKBRCARSAQuE4EkKJfZb1nrRCARSAQSgURg1wgkQdl192bjEoFEIBFIBBKBy0QgCcpl9lvWOhFIBBKBRCAR2DUCSVB23b3ZuEQgEUgEEoFE4DIRSIJymf2WtU4EEoFEIBFIBHaNQBKUXXdvNi4RSAQSgUQgEbhMBJKgXGa/Za0TgUQgEUgEEoFdI5AEZdfdm41LBBKBRCARSAQuE4EkKJfZb1nrRCARSAQSgURg1wgkQdl192bjEoFEIBFIBBKBy0QgCcpl9lvWOhFIBBKBRCAR2DUCSVB23b3ZuEQgEUgEEoFE4DIRSIJymf2WtU4EEoFEIBFIBHaNQBKUXXdvNi4RSAQSgUQgEbhMBJKgXGa/Za0TgUQgEUgEEoFdI5AEZdfdm41LBBKBRCARSAQuE4EkKJfZb1nrRCARSAQSgURg1wgkQdl192bjEoFEIBFIBBKBy0QgCcpl9lvWOhFIBBKBRCAR2DUCSVB23b3ZuEQgEUgEEoFE4DIRSIJymf2WtU4EEoFEIBE4DgIfFhHPOFDUb0fENxznNVnKUgSSoCxFLO+/dASeOiL+daQRXxkR73lBjdxbey4I+qzqThB4cES8VkQ8W097visi3mwn7by4ZiRBubguywofAYGXjIjbRMRLdBPTG1dlXhpBUfW9tecIXZxFJAKLEXiuiHjTiDAHFEmCshjG4z2QBOXxWL5QRNwpIu4QES8VEc8XEc8aEU/T3fJvEfEvEfHXEfFXEfHoiPjdiPidiPjViHhURPz38bomSzoTAm8UEd9zAoLyThHxwAVt+J+IeGxE/GNE/Hk3pn4+Ih7Sjbe5RZ2qPXPffxPuu//h+7/7gob+V0T8U9e3fxARj4iInzzMNd8REeaVlHkIvENEfGY3J39RRHzyvMcW3fWyEfHLSVAWYXaym286QXnyiHiXwwLw/h0x6QOaOcDfM0XEk430hHs+OiLud7LeyoJPgcCpFvTn6XZjtDT+bn/YmT3/igZY3B56IC8fERF/OOP5U7VnxqtvzC0Wsdfu+vXFu7njmVe0Hhn98sNznxQR/7zi+Zv0yG07YlfPwW930B5+85FBSIJyZECvUtxNJiiv000OL1YBaAdrMfj+iPjxiPjLTmtSbqFRuV1EvHxEvHlEvGZDWu51uP8eV+mQfPbsCJxrQX+biPjWpnV3jojfjIgnjYin7zR2LxMRrxcRzE71ZEx79249ZbSAnas9Z++oDb/wCw+a1Q+o6kdbYo4gNkEcMJkPLH5v0bMZ+uOI0G/GQko/Au8TEV/aXPqSbnN5TMySoBwTzSuWdVMJyj0j4jMOKsLSfup1attP6EjJXFif+7Dz+ciIeN+IeNqIuG9EfOjch/O+TSBwrgW9j6C8XET8ygAKL9qZiF6luv6fHTH+vhHkztWeTXTeRirREpT1uXXeAAAgAElEQVR/OMwFYxqVN4iIr4mIW1X1/7ODqfGVDw7af7KRNm2tGjaDD28q9cEHx9YvOHJFk6AcGdCrFHcTCQp16idWoPEbedeI+PorAPkpB/+Tj48IdtEPvEI5l/Dot3e7wL2MnXMt6EsJirFg5/1znSmhjA1mHg6+/z4wWM7VnksYq+eq41KCol5Mfj9d+bj57Rsjgp9FSj8CNpU2l+Yevll3iwik/ZiSBOWYaF6xrL0sMnNhuEtEfFtz83tExFfNLWDgvrc9ONZ+S0R8RUS89xXL2vLj/Cqoo5ke9jJ2zrWgryEoxkIZW/W4GBuz52rPlsfpueu2hqCoow0N/7daXuTgF/f7527ABb2PZuqpFmq6lzQvCcoStE58714WmTkwPUsXcVPHuv/gwZueuvWqIszzNyLiqyPi3a9a2IafZwIrnvN7GTvnWtDXEpSn6KI/5Dsp8qCIUF6fnKs9Gx6mZ6/aWoLyGp2vW13hD4oI5aVcDwI0W7XZNcOMr6cfHvfWvSwycyAUnkY9WAuHxEfOeXjiHhoFXvi0M8JL9ygcOZkXSiTKXsbOuRb0tQTFWGIKqH1RaLFeIAnKZj6ztQQF6eT8XH9LX9uZnDfTuBtWkZeOiF+r2pwE5RoHwF4WmSkITQSc0GhRivxiRLzC1IMLrlM7crY9tk10QRVOeqtsivI2FNnL2LkEgvKwzjm2YC93RsnP03b6udpz0sF2YYWvJSiaKdT4Gar2fm8XwXVhEOymusLG5bQqkgTlGrt2L4vMFIR9vifySnzu1IMnvi4KyM74Obs0yxwf/6YzRUnSJQfGsYSWh33Vn/cJqZYw6qdmvIf25DubifOYY0dI5qt2ie/GIlRgIRzXvTQ5zHXq8bdd9IO2CPFcIuda0K+iQZHr4a5Vo/63C19FiI9JUIwR0UMmaSH1CP3TddpB0SXG5B8tAXfk3quMx75ihfO+UudQ/BwHR3gYPabTkNqMnHLjcBWCIpWB77GISBU5VtbIU3aZkX3jvtffmijknPPPmvac4hk+LK9+SDHBn8784RtCEs0hiIl58feqFy8lKMz95jN9amNsDErORwvqPceSF4wIqTKYgPk+7lKOuchsGaC+zI+veDhj4ReuodImZmagD48IJqYh8aE4I+JTu4W77z6LiUy2feIjkRHRGRPyZ7x1l2yuvVc2XNdltmxFciQRTiILnncGVmVXP3TWTW1ft/AJz36/Qzgtx0Aiyd3/G3iPSftjq4+y7zaEzgQPsx+dUV+3XAJBsat+w6o9Jj0Eok/WtMdY8Y2YXGtfl77y5QfSR7/Uc/HU47GvPnAwLmR2lUyxT5DWL+tSC8Du2HIVgkIbRvtaRHSKb7VvbNb1rs3TyLoD73yrRUv8VofNiIi7Vo41/1gcf2QmkBbRdrPl25fHZEh+rPvWx7L2mjva3ChD5b1+F2nJ72cs4SZiW6+LcwiK9r3XIaHnR0XErQcqIFqU75go0r58Nz/ThZm3j9f+Zuplo/MhHclyr00mQrpLuSkEhQOrybcI1kytyv57TrFjYSYppiUfA2JgMZVCH7u3WFiMykLhwxbv3/cx2zVauOUIsMOu2/g53e+0DVNiklSnX29uHPpohspDUJSF/MnpINnYm1Q3+zg/rWuPrLt2urX0ERQfv8Wldj620/nu7rgBk7sdv8R5z14VxmFZRNXUznnNgj6FZ9/1q2hQ2MTZxovop/rf9fvWtKd+hhZP6n9ahz/tNBEmQAtKWUgRUBO+XWEtpx6PLa7GrAWkaCCQD6Te924Rop18yy4RnmdFxxiPtQp/TV+2z6wlKHbwNKa11KkKfE+v1n1LQmoliSyCIBgXnNYtjjXJcU8fQTnm/FM0VpIKIog1sYXv13XHNTgGpC8DMm2P+cqxIjZC5gOaWgRYPqmf6I54KHOinEEwMLcUmUNQvOcBh43cO1bPmfeNG/XkO2iz5A+5EMKvPkWmCIo5xz20d8R8TXslPYDvRBvVu5Bn71MXCUFrsUmj2TFv1pFd1obX7Q4sFGbdbmqToBzjC77GMgxQA7JmzbQGdQbZc1TPZERF7swf4jwfpMJOoRUfiiO+DdgiEsLde6SibX4XyaJMDv4cGf53hyRyfrPjtJgze9ViUarJRPsqKv5aizKH3La7LL4UJsnyMSOKFhVmGxNsS1C8wy5QxlXifmTti7uFs66jRHn3OZxjI+NkEROFZxHBIVmzoK8ZL2sJilwoMDJ5F9H+OnNpXZ817SnPIKT+3zhpxcLAhGZhIhbHesFs7z/1eLSQ+J6MHWIiF5LdLvg0iMa28UHsXrXlmKnl1xIUB9MZo7WYE9qMw663eCIyNC0l2Rsi7huXsZa0BOWU8w8TQ30COCfuF15wNpkz0IppF6n82Z7x56eP67Sj5fIUQekzTSMGtG1MOn2yJMwYKTMGy2YBoTeHmnNrYU6ibbKRIoiLOXAoQKOer2jIfXe0Y0V8n9pmk50EZaAjL+VnhKDNK4Cd0zqcU0w6JTTUAPT+PrNKqZOFyeAvgxozt5vyW5+0E5hdFfXokIhoEtlUxOJvEvv7gQeOQVC024dKi8QUY7HwsdqB0ay0BMUiXIdcus8uYkwku3JGRxGZfe3IhmTNgr5m3KwlKHZTFqNaaKaYffpkTXvKM5IMtu+q30FrVZ/8bGJutW7l/lOOR5Mz7U0huhzg7VSHbPxlfJW6TZH9pf27lqDInYRUFfEt2AT0maFaPN1rsbWwW8D4TTAj/MBB+3DHHoJyyvmHFsRiW29ajHfmiTlSkj8iJnW0WvvsUoLC7FX7GZp7kKEx374lBMWGkamemD9pq2lO+sRm07pTZEwz026oaAT1HxKOkBgfpbwkKHNG2IbvMeBbVfSUtuDYzaG2szstYoEuWoGxd7XOvc4Iqn0R6meXLghMJ9h5Ha5K49Gn0fGeYxAUWqFa1VrqbxfMkUw23+KDQr1tR1Js6jRO6jp1+qsJ3mRdVN4Il9+GzHlrFvQ142MNQWG64OtRa66MozGz3Zr2UJ/LrmxH6iTlIfmszs5erlNdW2T75JTj0S7VBF/E+VfOwRoS+NUp5I+tQV1DUJhmf6jR7H52TyqE0qYWT+bLPufIMt/VGpRzzD/mVGOvCFMN7dWUODWeCYiG29xgjhiSJQTFBg9xZbohCATTzZTj8FyCYl5SfjFtIe80YmNivuWnRZAQ89mjex6oCYp3DPn/IafljKcpnC/y+hw1/UU2rKo0G6mJoBaTqsn1XMIfolbR+X/5DqaEOr34ppRB7WTcPsfYpQuC8troELu5NtNuqeMxCAoCMpQnhq+ASYQZiHDcrTP8+n8ZVOcItXk9WVA/f+XAg2sW9Dl1aO9ZSlDYpO2akIcinD1N+kPn97jvlO1pFwjmNKfx9skpx6MxWpso7eCnDtqzEFgMi1C7j5GxJX28lKBIDmkhrn2maKJoSIe0QEvwtKunYSvarXPMP9pkA1XL2FlT5T4O7caVvrBgj/mMLSEoyDZTaBGLeU2ghvp3LkGhbazPAaLpHHP69b4HNvOf4AMa31ZqgmKTVo/b+l7+KLRln7dksF7SvTeBoPR9OGML5Sn6z+6/dghln6UxmCOc/uyGigxlmlwygZWy7DqFWxd55865ra9epyYo7TtrlbRrS44k4KfCXFRkC5lXpwgKLZIxwkmadg2Brh0f2Z35HPzwxKA5J0EZ8wE45XjkZ1IyQlvQaNuYN8bEjl4ERxGayHZBnfM99t0zRlCYo+zm7YJpMixKHIxrsau30FiMhmQNnqWsc8w/3sX3onbinMqsTYsrbJ0fjSzVyMqYLCEoCAlzTpG5BwvOJSgtSbZxMMbGpJCxcg8T+8f0PDCXoKwdrxfz3E0gKH2nYNqlO/b8HIKM1HH1cyfUUjc+Fzzci2Dh79JT8TUTWKuy3xJB4WhXstZq7pwJoMBSO935ze55KPzvlAt63U19BGXO+DNZMQnyx5lz0u0p27NkgTjVeLTLrqNCkJU2GqwP19YEwU+JBvEY0hKUuWXyI7HrhutQaH4paw2enj3X/ONdIu1EzBQREeYbpgXuk3LOlPt8n4jUmCwZf5xg61B85HTM56+8dy5BscGUi6TImD9WuUcYsjm3iBBpJL+VJCgdIjeBoLA7tt7SJcZ+7kRylfs4FbJPFhlLU973Hs6utRqdE5adWCtrJrCtEhQ74tZnZInWSYSWyKVaRHH0LQKnXNDr9y8hKPxmhPlyfvyahuBOjcWrtIdDOSIoQka0Ffu9XW6ZJzhs16Hsx9agzBmPQi5rLRKz4NACWGNVDpkrv42Z/aYwbq8vISi0JBzdtUEo7ty8LGu+b/U81/zjXTR+NCIlkshvTnnnAN8nnFb5vc1N7z+XoLQ+R96tTlMEyH1zCAqtGEfbev1ElKe0eOagOmuw/rcpbCUJSofITSAoBkRr10VYxpKkLZ2gxu6n0mVSKsJWzmY+V96+cRwTu28BaWXNBDZnQSjvOaeJh39Aq+6eO8GoL5Ux57Ja/PYXPbhdZUGf24fu6yMoTDnFd8KkJPSVKWdqNz323jXt4Ssg2sHiv0Sug6DwVZLM7KoyFeW2pPyWoPAVYqorYuHym76dyssz9N4137eyzjX/lHojJJ9SNWLIt8QcVsa+fDYI+ZTMJSjm9jbUlz/fFIHw/jkEBdmdSyzH2jTkapAEpUPtJhAUTaUSrqNVTBKIC9XiqYUjYZ3tUHbXevKaej9TVJ0R0iJbch/Uz66ZwLZKUDgCt972Eh3NTRXt3jZc2oTYl6BrzYI+1Wd916d8UNaU2ffM0va43/gq/i52wHyThDT6f6SpTJhzFwj1OtV45GTNzFlkiLAfC8855Sx1kp1TZnvPGjyVca75p9SX4y8tcX1WVF90zucfcpHwp2N2qX2DxrCZO/7aU6L/oyeR3dB75hAUTqtt9M3QBmhNXydBuWEEhcc8TUQt50p130ajTCW4agd0sdOW35GtkuxtrwSFbbd1IuYUKRHVHOGT0Kpzldl3jszSBX3O+y+FoDDhWEyKrZ6WzAQ9lMRq7gJxSoLSfg/GCfPfdcqWCcq55p8af5mfhUEXafObMHXQcNpIjIWqt306d/y1fofHJih984sNsG/pGJIE5YYRFA5xbTjXuQ4LbFXSHGZLLPycwSwkmTd8ESGmdehp+X3NDmurGpQ+FSpnuzlOovBoHSn9psy+DKk3maC0i5fwVNl4h2TuAnFKgiL6pk5SN3Yu0Zzv6xj3bJmgnGv+qXGkrZRcrNbQ1xlii1+d79lma+6hqHPHX6sFUTcZxeeY1+ZoUGgb23xMt+8xK60dW0lQbhhBwdip5Gqv7mP7oXC6ExtvAnVCaZE2SRLTQ0k+NmcAy3rpXJ0iQ8ex74mgcEJjsy/pybXdxCFr4hyhHaszOnK4Fcbbl/L+JhOUNi/DlC/A3AXilATlDj2HfNIEnftcrXocbpmgnGv+ab9LifTqozNsEPnDEMkHbbKE2NbZrKe+7bnjT0RQqy0d0qC275xDUDxjfirHLPi3vEt1MMRUW8auJ0G5YQRFcx2qJda+Fhk56wyvVxlUxYzUJoCSaZDvhGiIIgjKUEr5tg4ieOw4inx6F5bY3rcngqJtbd6KodNZ+/qsdQwcs3PfZIIikqR2jBX90DoX1/jOXSA8c6rxyLfB4lCfrXXM73jNHLBlgnKu+afFTa6XH6x+pL1AEpAHmb1pIPhyDJkT+/ph7vijuaEtrSNm5hKIuQRFG+q0/FJB1CHEa8ZReSYJyg0kKHZZvMbr3Bq/0A2yOd7dUwOunJjMPtkeWNaeCmxR4IQ4R9rkR2/WpPkuZZxqQSjlnzOKxztb8xOCqY1zpDjglXudmUET1Sc3maAIdy0na8NmKrvq3AXilARF2TKk1pFwEmC1m4854+RY92yZoGjjOeafPiyZo5k+igg3RlDkcZLZuT5gcE5fLBl/7Qan76T0vnfOJSjOrKpPHZ6b2n9OO5OgdCjdlCieMijkeJD2vpzI6velasa+AWaX8thuV9fn6+Co+joN8lAGwbbs1pdiLB30uQnKnLC99jTjJRl86zBEuNixSAU+Jca0s1Zqx0lhh0Mnh95kguJbcBREEYfvDR1G6Z4lC8QpxyMtYp2Bkx+KowGOEfo5Nb76rm+doJxj/unDpfWfs3FjFjFfrvHZWDL++BjW5zMxuxsjU6dYzyUofRnKx84yWzKukqDcUIKi2dg7p9OanDmgrk6NvmQwudfCWbIU9tnDqRotmg5/IyJMOIdN2c2RGpNLkbHTfE+5IHg/59560Z+TOO0qBMU729Nz50ReiQr4pgozp7vWKa/bvr3JBKUdX1PpxpcsEKccj5zMhRfzVSrCxOrbPoY2dOn3v3WCco75pw8zjqmiDtu0CGsTZS4Zf/Im8UOpj4twZo0TjsdkLkEx9syJdTZZmj1zXqtBXzqekqDcYIKi6XJSyF5Yx+o7jM6urC+Z19AAQ0YQCBO78zbIkLd4600vQ6goiiFRR6m4yyQskRFb+5An+ikXBHVkknICaxHRHuWo8aE2XJWgUAcLyy7Y+n85Dobyoch0iiiWQ9jcZ6dWp0ZPgvJ4BNqQXXjRqLRJs2jyjHMq+fqAu+tI1FZqXx91X36Tz8WY/P2R74rvigV7rg/YnMVl6wRFG049/wzhZFPVZpJ1ptSaZHtLCIr6mJeZhmuRkFAyub5kiLTC/NfMzUU4+zKr94nfHUNRCzcCPoNTafWlTRjyv0mC0iF600w89UCSDOz+TZIgznfMEE7DxfKZbWoxgKX6FkkgWkcm0DrSxL0IRV+0iGvUjiJyCu5U7D4gg1nKbsK0wbbp7JVCTvi38Ijvy+NR6ndqgtKeI+G9zjeR48AuhYOlNjiPo8hVCYpyLJgms0JS7Fo4pOmjMsnQTEkGBYNyHyc5JK921OubZG6yBkW/SYhX7wKFfCKjMvlayH0n/D307UO7AwsLjtdJUJgJ1KfVjqmnb9eJ39rgG+KUzr+G5kV7+Cjdc2DRWfPzJRCUU88/Q7hZiOUHKfOkOYypZY2maylBEZhgjEj3X4t8SqIh5dAxXswf5i/5U+RmqYUWtz4ZvW2nrLkITyt8ByXlFD0qD4t5yRikOS8n0tdOtvXzSVA6NG4yQSkDAgv+kO6E0RYPBIU5xoDhW2Lw1v4r9aCySxcVcfeJGc5OBouvzSUGMDat/Jrw0JZg84hNXw4Pky//CgMdMajP6EF+nLjpI+GsVrLm0voI8ZPNlo24zmqLcHxLRzra4+stVnbWzrkZkhIC7QPkzwDbu1Y3WzSEtlLPl782n0Bf2Q7i4pTGh6hIOYPFIqtvatF2WSrbNpR7kExE0H+ViWwWQYCcpGzh9kdrM2WK66uzcUJDpn/80eTUYe6ecYaM95ko7fr96bO5GXOP0R5jx8mvhdj1tUVfIc0WGn1YxJhyXhC8Lfrs++caj+oAY7tzfd1uFPra4Tu2I0a2kf61wmTBlFj61vistbHKtRCXfvVfGBpXS8QCy+TAtOlb9U0VcY6NxVO5xqlxVDY5Y+845vwzty21KfEejW/IWBm0XeX8J9+rSL7aqZtjqv7Uft86M3qLAY22+ZYGcGjuLnUwD4uaRLzrKDEYMxV/8cCc4jwdTv0IyBxBXmjr1b2IMaV/9TWtUxFzj2+rzJfaeUzt35z6Xts9SVAeD73D0eymTdgOGGRewP7t1ExsFlI7dkRCKKbdmQ+D82VhynM70sTjY7MwIhUYvEXWYFS+QWgXa7EaM0/YEdYLxtD7kZeS7M3OcU7uARNuSx7Yde0Y7Cj8vwXJoirnCFUngmNCmHuWjIXF7nOuMDG9eUcqhCha8O347YgsCHbO6kGrMyT6c279lFFjN7ee7lt7XgfyiFDOlWO0hwbFuKCNMMmaqDkVwhGexqEdL0KMtLeLsboie/rinOOxYOT7kYyRxg5p8N0i1OqqHfCkpXxwzxlPc3Gu71tzHpANRkukp97davfG7h9zBG+fO9b8M1X/ch3JMFf67ny3c52Z25T1U+8bw8CmyTEJd+w0hmXu4C8ivxKSzaTOxO+g0b6N2Nh8ZaPEZErji2iUOR2JN6cjxKKpHjbwfbeRVkNtfVCnGZ7CYhfXk6DsohuzEYlAIpAIJAKJwL4QSIKyr/7M1iQCiUAikAgkArtAIAnKLroxG5EIJAKJQCKQCOwLgSQo++rPbE0ikAgkAolAIrALBJKg7KIbsxGJQCKQCCQCicC+EEiCsq/+zNYkAolAIpAIJAK7QCAJyi66MRuRCCQCiUAikAjsC4EkKPvqz2xNIpAIJAKJQCKwCwSSoOyiG7MRiUAikAgkAonAvhBIgrKv/szWJAKJQCKQCCQCu0AgCcouujEbkQgkAolAIpAI7AuBJCj76s9sTSKQCCQCiUAisAsEkqDsohuzEYlAIpAIJAKJwL4QSIKyr/7M1iQCiUAikAgkArtAIAnKLroxG5EIJAKJQCKQCOwLgSQo++rPbE0ikAgkAolAIrALBJKg7KIbsxGJQCKQCCQCicC+EEiCsq/+zNYkAolAIpAIJAK7QCAJyi66MRuRCCQCiUAikAjsC4EkKPvqz2xNIpAIJAKJQCKwCwSSoOyiG7MRiUAikAgkAonAvhBIgrKv/szWJAKJQCKQCCQCu0AgCcouujEbkQgkAolAIpAI7AuBJCj76s9sTSKQCCQCiUAisAsEkqDsohuzEYlAIpAIJAKJwL4QSIKyr/7M1iQCiUAikAgkArtAIAnKLrrxxjfiLSLiSSPiITceiQQgEYh4m4j4t4j4zgQjEbhkBJKgXHLvZd1fICK+PCLuFBEfGhH3TUgSgUQgPiIi7hUR3xUR7xsRf5KYJAKXiEASlEvstawzBN4tIu4XEc8YET8WEe8aEX+0EJpnjYg3iIhXjojbRcTzR8RzRcTTRMSTRcS/R8S/RsTfRcRfRcSfRcTvRsTvRMSvR8SvddcXvrb39g/u2lNfvHtEPOAYhU+UYR54+Yh4vYh4uYh4sYh43g5bWPxXtyN/bIfDXx7w/8MOi9+OiF+JiD/uecfzRcSjF9b/XyLiHyPibyLikV3ZD42I31pYztDtTxURrxURrxkRLxsRLxgRt4qIp4+Ip4yI/+ja+g8RoZ1/ERG/37X1N7v6GA+tvFNEPHBhHV81In5m5BkYI+FjYow+dXPDC0XE10bEa0TE3x/67P0j4hsX1i1vTwSuHYEkKNfeBVmBhQg8eUR8/mHxeL/uuc84LKAfFxH/u6Cc14+ID4mIN+mISPvof3aL5DN0i9ZQ0f8dEd92WDzfbsG7h2792Yh4pebiwyPitY9Q9lARz3IgX4jRe0YEMtEnFmrzBCzG5guL9ps2Cy4y8LYR8eKHBfIlIuIlI+JlVrbn5yLiIw8kCiZrxPs/LCLevmtLW8b/dIu5xf5pJ16ACL9oR9zKrQid9t+m+0N4/VbL73Wk61Ed4XrwQfMH3yFhukQy7hARr16NRWQQKUTgHhER39JTAJPnZ0bEPbpr9+nw086UROAiEEiCchHdlJXsELDg8TN54+7fH37Y5Zt454rdMpMQrUkRE/b3R8T3HXbVP9RpAupFw2L1Ut1umykJqXm66vmf7yEWc+tT7rPY0cq0gnS9yEE79AdLC5xxv131px/MYs9c3csU8O0dHr8YEX8dEcgaseA9T4cDjdNbRcRtm/dYoL975N3P3pVZ36IOX939AFcaMYs87QJfCsSoCDw+t1toZzTxcbco87M6QksrVuSXDwv/d3RtRRgQrLJ4P0WHOw0LbYu2PnfzQuXS9gyJun9rc5F2CrFYKu9+IJD37/rgYR3po+mZIwjKZ3c3IkR3a4jVnDLynkTgWhBIgnItsOdLVyBgcaHqtwgSWhRakLmClNB2WACL/HBEIDlLFg0mDxqHj+p2yJ618FxFPvHw8Cd1ZoQX7haiUp5rn3KVwptnaQi+PiLeuvqdSQVRYDJjMpgrtz8s6p/QLeDmkrfs+mjo+T6CMuY7hJzwK3qPpsBP7d47VU+EFGGiuSnCRKfvLNZzRduMO33xCt1DiN2Y9uNYBKUmJ8Y/jVQhjXPr/8WVxtE3cNeFGse578n7EoGjIpAE5ahwZmEnRODeHZnwCv4IFse5u0jkhMOgnXGRLzns5j/gChM1fw0aF74oL33FdtvBM4NYrO988Kl53ao8ZgEalmOI9sOh1iDxrfHvX73CC5hd+HRYPC2AQ7KUoJRyEKp3qAplWmNC+Y2RdzFZ/XRjuuLvQfvGL2ON8FH554hgZnyOzk9mqJxjEBR+Vl/ZEVaaLcRiKTlRP6RU//ItIggvspWSCGwagSQom+6erFyHwBtGxPdWaJioW/X5EFgcBmk5as3J13ROtlcB2AJlcWeaQS7WyisezEb8K5gXOOm+Ubco1eXxQ/jJtS+onvuCw6L6gdW/OQDTCIwt9HNe+0WdI+Y7HrD4hpEH1hIUvhzMXDXB5ATKMbpP3IeMcPwtgkgyG/3TnAaN3KMcJj914jQ9JFclKDU5YdZkmllDTkr9EDxEjzCVIcGcy1MSgc0ikARls12TFesQsPuzKDB9EGTDwjPXKZaWg7ajCL8KDpOPOQLCojz4ISBBa4UJg6nqR7p6PlMXOVJHZnzFYTF877Uv6J7jS/GjjaPrxx+0AZ92xXI9zmGZGcGiivwNyVqCorwfjAjOzXU/8gvpc/rUrtYspv0/foS2fnOnyWA+GosauwpBQbxEb/H7YYrihH0VcqLZyuJQW7R9tHa0UHO1kEeALotIBJYhkARlGV559/kR+KDO36S8WThn2QlO1abVvLifBsGO/xhi0eTQORQBM/UOfjV/2oU2IyCICKEdssAV4etgMZZ8a60wd7xK9bD3In3HWKBoeCz+79U5cw7V8SoERUTKPZuC1b91IPYOYcG1cy2zE/PTMUTEGB8Y5hL+LEOylqC05OSYTq0I5FdVFZYj5cuOAUqWkQicAoEkKKdANcs8FgIWcAsQ00ikp1UAABAbSURBVAexi3zOBT4E39OZTEp9PG+h78tjsabOTAl2pkscS+v3FALV1kt4KZ+DWuyi7d7XiKibNt+GaBgJvY4h5hERVtrBP2RIrkJQhAircy0Il/DsWjjAitqp5c2PmFXVmNTv+nxMi7eGoLxLRyCMKaRKSLQcNMeSZ+tyu5RoJt8W/6YMPT4WwlnOURFIgnJUOLOwIyPAobEOW6WxqB08x16HyPx5ExEj9bfFaivCj+Kdu8WzrpcFUIIwieSKIFtCnNdI63uiDL4nQonPKVchKMWMVNeX6Y5prBbJ82qnZWQUKb2qiWQpTksJSk1OaND4jByTnJT6M/PVuXXu2Dl7L21f3p8InByBJCgnhzhfcAUEygJeiliSzr4vs6dEX6KBtiDClTnZymDaZ7b60gPBep+qojQTTEmIy1JhipBPpYiMsJyG5/rxLH3f0P1XISjMO8w8tYjkqqOPaNrajLailt7sWA1YUM4SglKTE0nXOBufgpyovm/gc6p2MPm0YdwLmpm3JgKnQyAJyumwzZKvjgANSJ0gy85vbibROvdDqYkIGQnZtiBMNtKPi6Sh7UEaail+HfVvTDKtmWOqLSXaqL6PuUdEy7nlKgSlTwsEN07PRUR3tWYw5p6PPndDOx+iOYnaaNAkqmPWOTU5AUMJjy+QSM5XTKjXAFO+MhEYRiAJSo6OrSLA+dTZJ7VY4P52ZoU5bVrka6GB4By6BZHF1M7eosQRshXfphwodYQQ84XIiyUi8oVprBZZSTm0nluuQlBk7C1J0tRbaHSbyZbzKifWWpY4VR8TjzkalJqciLCR0n7Mh+cY9UPqRJ/Vwg/FWEtJBDaFQBKUTXVHVqZCoGgYyk/CeesU81NgCQG9dXOTBFunXgCm6uU6Z0XaIb4m0qi3DrGlDCHAH9sUuDRdukyk7YGDyhWKe25ZS1AQEeSsnq+kb2+jeoQ4M5fUcl0+FlMEBXFSX5oTwtzGORpxPbWIBuPUXOQuCzPrnrp+WX4i8DgEkqDkQNgqAp/cpDPnR1EyYc6pczsJM6VMHQI3p9xj3OMcHKHOwoednjwUBdSnRZI3hS/OXOnz3RDpUvshzC3rqvetISgWcI7SIp6KSLbGp6Y277gmmV99n99EMEmEd24ZIygtOSl1k+FWjp9TnL1Ut5+2pOQV8rvjCmifUhKBTSGQBGVT3ZGVqRBoHWQtMhabOWJct6GTHFKRgS2IrLCv1oWUTjkoirSpM6Jqhyymc50oJSxrtSUIklT/55alBIUDsTwddZp7dXYWkhTwrZSU+/Xvsr62psJztHuIoNAGGdslPL3WZKjXL3VjY23o+py2teYyGra7z3kw70kEzolAEpRzop3vWoKAE4brkOIlIcZMJ20CMr4naxOqLan31L18SiQSI05H/oGJB2hL2hObl+T1cAjgxzTvmEqoNtWGtdenCIrIJofwCRPmO4O8cfItgnTSCN1roAKF+NWXpxKqrW3L1HN9BEUEmf6UhwTx8m95XOpwcuUeI3PwWP3a7MrXFek0hWFev+EIJEG54QNgw83/5YNvhuPui/DT4K8xV/iaFPu+Z5zYK438dQufEj4gNCHPM8MnRhSTSIuSXEv9l2RG7Uv7LunZ510DEH0EZW41hBPLhfJTIw+0C69baZ+MpXNLH0FRB/lYZEcuGVw5Sj+sx9wuoyxNyynEt8TfpcgS7eQp6pNlJgK9CCRByYGxVQScWOzMnCJLFmXP8E+wIBbhhGiRP3fujxZf0Scv2YXDthEnQ33xdY15i/r/VjPPE3Ji8xc2BfPv+aRr6PglBEUbkRIaBqHDPzGjvu0RAR5xKJ7kZOeWPoKClHJIbdsiFJpfUC2cwpk0H3mCivuW1KPImuiwE1Qri0wEnhCBJCg5IraKAEdBB7IVkTOk9UUYq3vru+HeJWHKp8BFBA4fg2MIbYJkblPCHGSHXgvCYhd/bukjKExQ8oAU4dzMeXjNqcNyxNAO1YIoPOjcDR3Ig/KaA0QLcf7hw58DDWv57S60eg0WY03+pia0/aoncl8DvPnKm4BAEpSb0MuX2cY2TPgbugybc1tj0aMmr4Vfg4XguoTPwYcf6eUO/+NoOyVIXhsVIkdMuxhOlXOM61M+KFd9R3sYnvJEp4hSObdMhRm39aERc1K3PCW10ApJQHdMcdhmTfb5RNWZho/5riwrEViNQBKU1dDlgydGwK5OAqkiQwnNhqrhdOD2pNbrTHXPH0YadhE4azQYHBnbs3he/EDa4DQlf9aZhMp9duT8cc5t7jo1QYHHoxowrssBdClBUW0EmnN47Tvl9yVHPEyNBdd9S/XpzqKcRDulJAKbQiAJyqa6IytTIcD2XmcKfXBjN58CiwMq59J6jF/nYYF1RtdXn3D27GubrKOt0+TchGvtuT7Kv7TDAqf6u1xvfZccFkg70UZ1zS1v7X1rCIp39Tk1c6x1zAOt2THkIQdtzVtWBdHcMD+mJAKbQiAJyqa6IytTIdCGjErW9aYLEWoTd8kdItS4TfW9sNj/u12UEVOSyBw79TGRa0JWV6YrocZLtRfP0EX+PHX1krllvUrP4rZGizPWPiSIdmjstOhTa1DUry8x3TH9UGg3EAXjkbPxkKwlKH2J6bwD2UYi/mbtYK2eczK2c6mKcCLmTJySCGwKgSQom+qOrEyFAMfGt24IS3u2zhRgJt3W58TBcaImjiHFjMSez4l3SJAKpxAzq8jg2kZszK1Li4nnHP72IzMK+LHG78SZRi9wON32n2c8O+cWZiSmozryqn3uHARFThGZUuVTKeKAyHpBntOeoXuKGenLm9Om2/vXEhTlwElodJu3R84c7WiTEC5tj1Dt+rBIUVKOlkhJBDaFQBKUTXVHVqZCoD29lsnnZVYgxDRU50+xiLK325FeVcqJyez5QjeHpF6slp6lU5fpPfwHaqHBoZmZEvlAhOw6j6iIXCht1MtUOX3Xy4nJv94lWRsq4xwExbs/OCLu11RC3o82mmlNW8uJyY4q+MCZfV5uW9L3HKCRyrq/lCMz8CeuqXj1jH6qfU6WHp9wxdfn44nAPASSoMzDKe86PwJt/g6q7Tqr6NwaeYaNnU9KESpupoirHhxYzFDs+Q8dqVCx+fOPkANlrci0KpeGFPBFHtul8Jc3Y0pklBXWW0T7X2dmjpGxsmX85dw55ctwLoJiXtPH9bk8CCmS1p7fM4VZe71k5p1a1K+iQSnvFPEl8qsW2hPO0rRCa4VfzrNUD79vj0P52rLzuUTgaAgkQTkalFnQkRGwcLamCwu0PBlL5XZdsq56UqaJeMcFZ9q073SGisWObwjfGD4JfeKdzDtPebgoOdqY38Kcdgm3fvvmRg60krnNEWnUnWVThEbJgjcnEdpQ+YX4OOPllUYqcS6CogrP2I2f+hwjSfI4K+uPtYIYOKJAuv17jBRyDIKi+Nah1W/Mc7Qxj17RCCeCI7W1DOVnWVF8PpIIHA+BJCjHwzJLOi4CtAR2es7VKSKqxyKzRjwriqdO/kYDImHZklTokmrduVugSu6IsTN1nHvDX4Hwz5B86yri3a22Zsk5Rb55Pjj14kr7Il8Ik8+SQ+popeQY0UbOnXwbRCgNyTkJijrw+WF6u2NVIaHeNBNjJrm++iM6SAmfH/IZnXP0UFuPRVD40kg6WJ8+7J3MdXLZLI1OQtYfUVXa897htO+URGBTCCRB2VR3ZGUaBOzq6wWP5kAWzLViwXLwnoReJdcElbmzSSz6dsd9ET6ibixQQj35gTgfp5axdOrFOVUG2TusrXj1HE2MOtZOoNrA4XWJXw2tCR8azxX5w4iQxAuRsygKb63labvzkYQo8+mg5apzdmir34bk3ARFPdSPnw2/jdo09jOdP4/oK7lk2qgqddXnIqD4ndQh78qdOi7gWATFu9QD+WtPPl4TidWGq19X0r4jfApZxN4RSIKy9x6+7PZ9RHNy7bGcOu0i7aKRDWajWmgQmG5oFRAaRKBdGMr9NDwP7xJpWdzJbTrfB+/wh5T4zhxWSFMjkZg/hGXuGTHIAN8VGhh/Fqy2TsgJHxBJt/whGVP+Fspg7pE2v12ALdiP6cJa3QcHZpO+OQNBcm4Oh93WOdVheBw+OTjD49YN3swNom5kM/Un6y2i+LtHHroytEp4xqH4uZqy+eLwcfr7jsRoK1NInzAxIjef2fndlHtok7RVPxkDt2+S47lPWLi+0TZ/yqEJmSP8RL6k50a4G1f6HtEu43CozNb53HfQnpY9pz55TyJwcgSSoJwc4nzBFRAw6bOzl136sQ81swhR/wtftqAw/1i8aAp8G8iKBcnC9ecHU8afdguLiCILA3NTu/PuO/itDwJq9vq05jGY1GGIJA09J3LJgjVXRHUwVdGOIEFCXBE0IdI0KeogJJmTLiyYSrQfFrQtMOoTCydsl8ixM6fW72aiE2LLVMOPQ7Zi44x2RcQMk4e28s3hqyJ8GmkS+WL8aU+fGeydDuniH7ikkZ3Wrk6YNvV4m6K+vZ+5sj0Ysr0HQUKgCGL2/F1/Tr07rycCZ0cgCcrZIc8XLkSgPdjsGH4cC6uQtycCu0AACUW0iiw9gHMXIGQjLgeBJCiX01c3taYv3Tn1FS0K1bqokZREIBFYhoAkgc6jIsxyNFs0YCmJwCYRSIKyyW7JSjUI1HZzfhEcO499BH2CngjsGQHmOmY5fkTENyWhXUoisFkEkqBstmuyYhUCJlWOgCXUkp+HlPUpiUAiMA+Bz62yBnPQ5WidJH8ednnXNSGQBOWagM/XLkaAOlqoJQfWY5/uurgy+UAicEEISMTmTCpOwBydOQlz+E1JBDaNQBKUTXdPVq5BQJSJ81REtAgLNdEeOxw1QU8E9oTAi3WnLz9bl4zNEQ8/tKcGZlv2i0ASlP327V5bhqR8a2dLl2BL6vI1Kb/3ik+2KxEoCMg5g4wIpRYGfpee070TrURgswgkQdls12TFRhAQLinzq4lXsjSZYb8jEUsEEoH/Q0B+lQd0hwI6pNK/JQhMSQQuBoEkKBfTVVnRBgGJtWTAdA4MuVuXujyBSgRuOgKOhHCoJHGcgdDiOadd33Tcsv0bQyAJysY6JKuzGAEmHunV739Ix37fxU/nA4nA/hBwRIQzd2SWdRRDSiJwkQgkQbnIbstKNwiITrhV+qLkuEgEHoeA9PVS9Etln5IIXCwCSVAutuuy4olAIpAIJAKJwH4RSIKy377NliUCiUAikAgkAheLQBKUi+26rHgikAgkAolAIrBfBJKg7Ldvs2WJQCKQCCQCicDFIpAE5WK7LiueCCQCiUAikAjsF4EkKPvt22xZIpAIJAKJQCJwsQgkQbnYrsuKJwKJQCKQCCQC+0UgCcp++zZblggkAolAIpAIXCwCSVAutuuy4olAIpAIJAKJwH4RSIKy377NliUCiUAikAgkAheLQBKUi+26rHgikAgkAolAIrBfBJKg7Ldvs2WJQCKQCCQCicDFIpAE5WK7LiueCCQCiUAikAjsF4H/D0AGY8cojPirAAAAAElFTkSuQmCC"/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-13"><g><rect x="200" y="305" width="170" height="60" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 168px; height: 1px; padding-top: 335px; margin-left: 201px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">Infrastructure Providder</div></div></div></foreignObject><image x="201" y="328.5" width="168" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAqAAAABECAYAAABedod4AAAAAXNSR0IArs4c6QAAHk9JREFUeF7tnQn4fV01x1dCyBxJZkUyC5kJr3l4NagImadESigSJWlQMmTIlCFjr3plFkJRyRTKFJnnsZD5fJ5nL63/evc5Z597z7nnnHu/63nu8//97z1n732+e5+9v3vtNVzPJEJACAgBISAEhIAQEAJC4IQIXO+EdakqISAEhIAQEAJCQAgIASFgIqAaBEJACAgBISAEhIAQEAInRUAE9KRwqzIhIASEgBAQAkJACAgBEVCNASEgBISAEBACQkAICIGTIiACelK4VZkQEAJCQAgIASEgBISACKjGgBAQAkJACAgBISAEhMBJERABPSncqkwICAEhIASEgBAQAkJABFRjQAgIASEgBISAEBACQuCkCIiAnhRuVSYEhIAQEAJCYBYE7mlmr9hT0u+a2eOOrGXp8o9snm7fOwIioHvvwX20//pm9rFm9pFm9mZm9qpm9i9m9nwz+24ze9g+HkOtFAJCQAhsBoFrzOzdzexGlRb9sJl98JEtXbr8I5un2/eOgAjo3ntw++1/TTO71szerjT1n8zsFczsJcr/n2xmV23/MdRCISAEhMAmEXgNM/sgM/vm0Lo5CKgXt3T5mwRVjVoeARHQ5TGeq4YvNbMvmFgYRO8FE++Z8/IbmtnTzOwtzexvzewDu4nymWb2cmb2IDO7h5mJgM6JuMoSAv0IfJOZfcIEgP6rnFT8s5n9oZn9upk91cx+yMz+fUI5l3wpG+2HmNnHm9k/dHjey8yeuAAgb21mv7oQAaXYpctfABIVuXUEREC33kMvbt+bdJP/+3RH1rcwM/5mQshHL79hZs81s98p/36vmf33io/4QDP7wlL/vc3s4aEt7Kr/zMx+VhrQFXtIVV8SAswZ71HmkDfuiOTbmtkrHwAAhPQbu/u+2MxeeMD9l3TLp5rZ14UHhrgzf2N+NKcsTRCXLn9OLFTWThAQAd1JR1WaCbGD4EV5qY7wobXYgqD9/KvOvpN/kbcxs19LDfsxM3tJEdAtdJfacIEIfI2Z3S08N3bZtyr/573EwYWNIuTj6kJYI0x/bGbvb2bPuUDsWh8ZG/c7p4vvZGbf11pA43VLE8Sly298TF12TgiIgO63N7dOQJlkvyfAWzMHwCHpJuUYfr89oZYLgX0ikAko9tlDGlFOYB5rZth1u/y5mb2Dmf3pPiFYvNX36+zdHxBq+d9C6DmtmlOWJohLlz8nFiprJwiIgO6koyrN3DoB5diJ4yeEY6eX3S/Ui7T8CUWrpHdwGF5f+L6ku4wjX8l8CEwloNT8Vmb2i+l9RstHhAvJdRHA3p13HfKOORTz9pcvANTSBHHp8heAREVuHQEtflvvof72bZ2A/oKZvUtp/j+a2avsF+rZW37TzimB40vCU+kdHIbXNzIioLMPQzuEgNKKrzWzT0/NuZmZPW/+Jp5NibzzmDjwWUKWJohLl78EJipz4who8dt4Bw00b+sEFCP71y3t/zsze7X9Qj17y7+oI54QKkTvYD+82A//RQnbJQI6+zA8mIC+q5n9fGrO3bt3HEIrWQcBNNPRxn7OMEw80dLlr4Oaal0VAS1+q8J/VOVbJ6CQTgLOIyKgL+5qwrL8URez73VEQEfH/ycVb2suFAEdhWvyBYdqQF/GzP41bZ6+vQvVdNfJLdANcyHw5mb27FDY3AR06fLnwkHl7AgBEdAddVZq6tYJ6L91tk4sVCKgV3Yc2UmIo+iid7D/Hfzl4HktAjr/XHUoAaUlhGLCsdCFiBYfMH8TVWIjAoTVIvyey9wEdOnyGx9Tl50TAlr89tubSxFQ7BKx9+Fz4xLIngDUBJRvDfFEGcQHvMFCBPSlSwo62vikEvO01pOvbWa37GzWXr3YoOLhi0PU35Sg2nii4pU6Rd6geP1i04WDAUT7r4tNJ/mXOTLuE7SftDcu1HO+g4TQeScz+/3u3x+f8lALXMuzcmz3piVerUdBgLjgbY294O8NxJF8x+Ls4k3bEwFtHZ88G+GObl1iczJOGY8ELP9NM3tWl3ziPxfoGy/yGAJKiDXmB5efKzFGD2nuFLwoP8ZBfqViV0miC+ap3z6kATu4h7kLm3rmHeI//0/ZBHC6BPEk4cgfHEFAly6feZj5iTGDYoIxTnIDHNqYE+aS1+9iS9+mS3RCSMLHzFWoylkGgTkXv2VaqFL7EJhCQG9eFvtaWUwKZNAgpzD52m9nZkzqWSA1/E4mlJoQ1Pr9SjnvnLQjfc/wdDODaBBL8Ed7LnqLshjzM8fW9yxHfe7UdNviZeq3M/H8tJlxZDQWZJsJm+xSBOwfk3crGU0geEPCQvgx6XkIN8XxJJ7CrzVWUfAwhtzWJNrbYSdJtIFPMzMcQZBHdXmg0R5+R8/9H5FCZPllUeOYb+U4nEw6YwLpv0+JfegmGH33QLYI30N7GFdESrh9R6A/qsSGZSMzJGSY+fzSrr4MP4QM+stUyMuPOIO8USHxftuc49PLBBvGHu2uvW9ch8PKN5jZl5UFewz7qb8fQ0DZyPkGk3p/sMwd/L0EXmD02V3yCsYhJKxP6GuC5D+ibHTydURSuH8DUIxHbF2zEFqOEHN94hsl5kt/H/O1kDEShrTIe3fe84Ryoi1D7wPvUlzPWzWgS5bPXEx/fV7wB8jPTGSAx3df0i+1eLK/VDb8+T7uuUP5kufm788Kjq9sRlBQSDaMgAjohjtnpGlTCChaFjKgQKLuWLSCXvxDy/djxIrrWXTI6f5blbZFr/dWVJ2AQjwgrcQTZHIndacLu1lsm5jYmcziosc1mYCyu3bixqTMDhtCStYldtqQcQhbjGXIwvaVA43G45fF2t+XpxSNsDvIQHbJxUzgbuSju3q+M5TXN4n2VQkeYP32BRM0pqQxdWGyJjXrZxayh+YsCgT0cwuObAw+sfSbX9NHQHEU41n4ME4YLy4tBJR6wMn7iH74kaKZQuOBFpRFmbFIP7h8SNEMDxGXGlZOQMGd5+RDxq2omasRUMpCU8LGgA/B2N1hjt8yAZ1zfFI+7xAEwdsJNtcU7R0kg03Zh3XxI9EiI2iL6f94xDowXJt/OpSAooFjoxUFz/jPKF/MjRdzE+krfZzzbrBhZeOMNp1g+cwTXOfvKKccYMjJTRQ2H2y2+Y0xHeWnSr8w3+DQg3YxC2PNx817hvBT5GEnHBXvOqc/bMTY3JOA45MTaW4hoGiFv6VTHNwlNAC7W8YN44A62HzyYeyiFaZdLmMEdOnymUtoA9p9hNMzTn+eUeZnMGCu980Xz8Oz5jSlzBdoflkbYuQFMuiBPyZNbNBQVEQRAW2eBta7UAR0PeyPrXkKAY11ZQ0AEzhH0Xw4Qv77MqmjoYEYoJGKwsQfyVDfc0QNyRQnpNw+Fja0sk4YOZKkjSw6SB8BZbKGSHHMk4VnQ9vHcTpCWyFEkNQsTKAsKv6ukNP5WyvXoZGFbEEeMgGNl6Pxi1rQlneQxfVnQiHXlgD+PrlzHAeJYXGF/EFA7xGuJwUqOahd+ghobCeaxQeHL8YIaB6PLOZofQlUXhM0OpgJYMbgBDReB5mNR2itR/BZi9tHQGNd2C+ivXfJBDRee+z4hCg8s/QV5bKQfniF0EGSeNfAB0E7xIZkztSXhxJQNluQiShsWL6/0tHH4gX5+MlwKgCBgbjgyJcFzCCBriHlvX7fisc+9/HeoYXEttHlcYnw9Qzd//8a4oO2n/kIwtl3YsG7gKbRZYyA1kx1IGZoy2ukmHKnhElaunyUAIxx5l+EeZU1Iwffp5+Y17wPwI85DfOTmkRzKcx32FxExzfWMp6Nja4I6Njo3cDvLYvfBpqpJlQQmIuAjhGLTEQgO2hAiO05JHMRUCYlJl/IChMOx+Yc27AoXTVAQH+gLOx9bURDiAbNBe0NZDcLRz0QYIQ6WdD6BLJOvUsTUCZiJm6cmbC9g5yAE0e6aEZPTUAhb5Aln08gCWg5GQNDQp+C554J6JTxyeKIRt43DpBzyEifDZz3p2OIdpfNxFxyKAEljSSk2QUM2FSxCcqSCegUvJxI+EaREwc0XX0kjLo5PWH8uRaeeLt8BznJgtnKo8OXbG5fb8SO2y9Hg/gnRYvtmvi+fplKQDEz+opQGO8678mQDf4UArp0+XHDy3qBZpo+qQkbDE7PXIY0t9leH3tfNj1s4iCcjD8vTwR0rlliwXJEQBcEd+GiT0VAseNht8nE7IJGjmPoIZmLgHJ8VTMmdyeVmg0okxJkEsLYJ/m4l4DnObg298ZwUmgE7ztQJlhBBrmmL9fzHBrQPk0NGlA0vt91Qg0opIojwXikjqYOTeSYQKgwAdkzAZ0yPtECscC6sAl62ABIkLqY4hK7QrSzc8khBJSNxZOTPeIQAcsEdApe2A7GrEFo8bHtHJOvDuYAXMv7GLX5fj/aZQgqG2qXB3YOPsTpHRNOEXgP2Qy/YSmn754pBJQjfjYmHK0jEDiO1sdsRlsJ6NLlcxJE+z0CCqdCaMyHhPXF5w9IJmsN5D5LJKDU0WdPz8aWEzLZgI6N4pV/FwFduQOOqP5UBJQm4qTDEZsL2g80fUMyFwEd0tCyIHF8WrNJHYM2B9OupROEXLHAuOCEk+3GxurJv89BQCGYOOrUBNs2Fi2O6V2WPIK/OjmBYa7QYk9M27CP+5WdE9Ap45N3Jpq0ECGg5ngR+5WFmONdF44thyItTBmPUwko6SQhXTGpBO8e9tt9WtxMQFvxYm3itMO1nzwXxATCOCbY2HIE7MI9lMN7keVBaVNJRAtsKl80UgmB+JlDojNM3y1TCGjWykKm2CyPSSsBXbp8TpLYALiwqWdzPyQ4S8b5DGdN5uMskYByrB/fi3gtWnJOxx45Bpp+XxcBEdB18T+m9lMSULQ0nxMaO3TE7JedgoAeg18moJDsO1cK5OjOnYv4m8mttjtvbcvSBLTWjiUJ6GOL17/Xy7ExtnEtwvyDcwHanWzSsRcb0DETlogDjjuubeO4F2eduMGpYeZEx3/D3OEnWsBtuGaIgLL5YtyjZaKPIAXRjpHi6TcW+prttFc/hYDGJqP1i7aAkMh4CjP0eIwrsI5RGGI0jXgvNsLYk3Kk7kK0D8Z1n8Sg7Nid5qxQ+b4pBNTNUrwMHA0joetrUysBXbr8vMlqwQetM+uZS99JUysBbRj6umQLCIiAbqEXDmvDKQkox2Ach7lcEgF1W1N/dhZCHJE4hjxEzo2A5nAzteP0Q3A6NwIKeYqOMxCkHL2ghhO2tVEDxiapJWxYC+aZgLbcwzXYcaLVYg7qc7zxsg4loLxjeJa7EMkiE+Ch9mIvHjXxOPDgVV6TvInCux4P9j7BvAfNHp7yaPHHZAoBjSY/lMtGuS/0Xay3lYAuXT4mQESYcIGsj51QZVOLry9h5TKuIqBjI21nv4uA7qzDQnNFQIf7DlskwnSg+UCLgzYHxwQf82hHYpihPg1ozlzktbL4sECy489xJodadk4EFDyzoxFe3nOECzo3AspYhES5cBxMqKAxIZZtDD0GLpGYjd0/9PsUAoqWk2NtnoEQYzWHo1pdhxJQ7EqxkXWZmuoTMxW0ti7YGsdNdGxrznPOb8wN0TnGr8fOGvtDHKT6ImJkHFoJaLb5pRxsGTELGJMWArp0+WjNcZSKvIKN1piWH1vcmFWL8YWSI4sI6Ngo2NnvIqA767DQXBHQet+hVWLxwqYIp6BW6SOg3J81wLFMJle8VAnNBBn9j5EKz4mA3qRij9gS9qilT86NgGKbS7D2Y2XKkf9YXZmAEvg+av4Y23yH6cmhGZkOJaAEk4/21n1Ogn3PSAB/HJ5c+D/xf/uEE433Cj/2RdGgDNrC5gFb0bFIDxTZSkDZLOdQRcRwHiNw1NFCQJcun81S68ZkaGz22biLgI690Tv7XQR0Zx0mAjrYYRxzYo9FxiSEWKAYohOuiBinOEr4ZN5qA+oVkt2IEEdedq0haIkIal+Lh+jXnxMBvUXFO5fA0nOk1js3AsqGKGamQkuMtnhNmeqEdEhbDyWgOKFEm2zeY8IHtQrXx1i4ZDDCc71PcmxT5gkcl7K9N+F9COuE81K0WxxqVysBzXMSm9mceKOvnhYCunT5OAVlvObakPLcIqCto38n14mA7qSjKs2UBvS6oMSA4iwgGMDnTCh+11QCyn1oIziSZyFjwfJQKbklOGzFOH7x93MioNmukedEK0qe8GPl3AgokSNiaC5s5Qjfs6ZsmYB+WwoyjiMODjmt4naafj3lfdzAzayFxJWMm4IcXspjTHLMjJ3jkPNVrKqVgHLsT1xfl7kJ6NLlc/qUzQVaIxe09KsIaAtKO7pGBHRHnZWaKgJ6JSBoKwjb4mMareeHDnTvIQQ0FkecO5xDCGtCeJr4LmHfh+dwLRbmORFQtJ3Ze52sJsT1O1bOjYDivc4GyYWjyuilfSxeh9y/ZQJKalxye7tg98qYaBVMYvBmd6E8TieG5FO6DRQOMC45w5HblY5pU3MdrQQ0azEpB+/8FvOHFg3o0uXXbMKxr81mBa19mK8TAT0UuY3eJwK60Y5paJYI6JUg4eVKnE6XIS0k1xxLQGPtaFrRbnl6UH7rM6Q/JwLK/IGNYNQEk7c+Eq2GoVy95NwIKHnq84YE3DATWUu2TECzZ/QTStazVqwI+B9TBpPRLWY+q5VDWCyiXMQ4p5BS7FHR7nG8DMki7ikZrVqllYBiU/r8VCia1vxdrd4WArp0+bSL+QBHLRdOighGP4eIgM6B4obKEAHdUGdMbIoI6JWAkb2EfOEudylBs/tgnZOAUgfHc9if+jv1vM7m72aVys+JgPJ4pMEjO44L4xL7uGPl3Ago5IbF+foBGMIEEbh/LdkyASXkEsTNZWpqRWy+Y9YoTilieX2Y55iUxCLFecdTErOJINPXFGkloMwdOHxFj/BWAtdCQJcuH0wg5mSpc7lPymY1Bbd8rQjoMeht8F4R0A12SmOTRECvBCoHy+/LpuF3tRJQnI/QvrQ41pDVx+MC9h2xrkFAMzZjgbbByBdcx6vP+xrHLILPu7TGRhwb5ocSUEIFkQnHpUWDFG2HuQ/iQnzTmhzqVENZxEMk+5FLa9rHMawO/X3LBJSwaXiae4B4vM0JrdbidY4GEztkwgIh2GzyXS0ffMaOUww0jtH5hzzseNFj5tMSAzmX2UpAuS8nHnhUcqbq6+sWAnqK8rPtLc/DCdEcIgI6B4obKkMEdEOdMbEpIqBXAna/bsF5QPhqLM92KwFl8cL54dEN/UOYHcLtIK0a0JYwK7cpoZ68CUOpOGvNzKQJTTHfDUkrAUXLi7bJF3vKnCNbTyagEF36eEyyRpb4m3w3JKcioDntI5sU8JsjdM0YLrXft0xAaS+2lncKDW8dV3ftnIRwOnLpC6nUh1m2H2XTiIc3pJZj7LFQa7ncKQQU0yE2jC7UyRh54UgHtxLQpctH05wzdTF/PeWQAZruEQGdAcQtFSECuqXemNYWEdAr8WKhYsFyGcucMoWAotWLWrW+niKDCgsBAhm9XeVCHKWi9zN/4xE9JMcS0GwfiyYO54Ch+IKtBJR2E3bqDuEB8A7mWJ5nPVTQNBF83KU1EHnOK92XVSW261QE9OYlSH8k6+RWR8veEuvxUCz77ts6AeUolygWvk49yczItDUkYIvTC6k8XVqzCfn1tXiZ/Naycau1bQoBrWlgW0JQtRLQpcsHf977mA2J+YY5jKD0x4gI6DHobfBeEdANdkpjk0RArwSKeHM4CUQbOwJRPybhydEeC/7dUsiVvkD0aEApE4938ij3CcdMcZd/+y5e4DWVi7OG7hGdbeC9Rvr8WAJKaJnnpDpIP0icxOzFjv0ZZgT8dttwz1AAdBw0sNGjD1zwIMb+i3peNPB8zEG1DC35mTGB4Ph6LPRN9mSG2KH1IYxPJnmEjMI5CI3TLUMblzqCp4qHV/obEw/GAFrzPmEM0je5vxqni+plWyegNDp7w49lH/oqM7t7eNqp4Zv81pyCF60nIYWmZD3zsqYQUO7J9ux8R1g3TgBqqU85RcHkKOavxwmLkHE1Wbr8WvY45h/mkLG0ojfq+o90oTURAT3mbd/gvSKgG+yUxiaJgF4XKLRJOdg0dpk4EhA2ieMzyBX2XXit3zEUMUZAIS942fNB0+lkhuwfaF/JlsTfyLXdNVf39GP27uUy8n0/vbQLMkYYpxiz8FgCSh050wvfsaiirYDU0HY+aEjQYmBrB2YuYxl4wJXn5qgyCsSRRYfA6xw1Uzbhm/igJSHzDkec5IyOQt2kPMTuz4UYg/Qx7SWEEUeTELp4xM4z8Ew5xBEOQISHot+4ht9Z7JD8rEsSUJ7riZ1mD7vCKPQ5GxjaCMkGJ579pl1EBTSnBP2HXKGZnkv2QEB5VzE5YUOHQELIRASxfG75DqzQct63mH84Po/v8MQZcWgD1Icl0Ryi93ZfVIuWvphKQMngxhihDVHY1KGt58SE8XLjsnkjvifvUxTajgNTTZYunzoxh6qZzKCdZv5EWcD8g0KAMY59LWOc8R+dmGL7RUBbRtuOrhEB3U9nocW6qmhq0NZw5BIXZ56Eow52mv6BZLHgMkFzrMSLDbEhRqULxAQbKSYFjpp9siZEDKQCgoBNVUzRB2GibEiTa9bYhXNMzWSINpDJz8eXp6sk0LN/IIVu+8aEyPPgXUpdtw7tI80lkykEhgUHcsHkWxM0cVwfj9/yddR5/7KARYcgJje0eOCBw4HHsiRMDh7MUcCIXTrPTJ3+nJSBxhWb0b5FDy3Ws5KHbm4jiwyLDxMyWKBRiGSZtnHUDCb+GXPOYIKH4AxlcgJXAmFDTGgntnAuLygOEuALPjWnLDSKEEIy2ERN9NBbRtibe6cg7X591mbmcoiPiLc0jg5RGHuQj6EsMmiSWOTRQBPLNRJ+tFw8J7Zs2BLONT69jYwbbFrR1JEHe0wYV2i02Lzw/hwqaKjZLDEX8IH057GNAw4EB20s/zK+hjJ71doyN17MXxBvnh/C4oJdJOMQB6OYdheiRsglNNuRtEzBjXeaOcqdxngPcXBrEfqUOZoP8zZa23g6AJl9RpnPmD+Zh7LgfIXWk9SfjJchgcgRKopxHN87+g5NLvbr+QRk6fJpL2Y0bMwhmC0COWUTwVh3ATewZ22Izo7My2zIfP7j+eY8HWhpr645EgER0CMBPOHt2du4pWpIBMQBDUpLcHAWYTfezzaAffWxgEF+sk3lWPsgCG43yPE2pLZFWDhZGPqEZ+b4GI0Jz82EjDfts4v2AFtC94blSD1roiiXidwDUrPgQXKYBEnBh9YNokWsOyZ+Jj2IMbZqLCyulRl6FrSMaAggSvzNQsqCz6JEAH2wYIGoHbfVyoXIQBrHhIWao17s6CCkCFpGQstATtFg8n8kB06PZbMxYbPSJ9i1Yv/KRoRFGE0jOLJosAFg0WDDw3NCHofsH8kgRApGsKcv0YLSlxBEtNY59Z+3iU0IR+/k96a/qBuyS5gY7INZ5Nyx48E9mkXGCdrSOcdnxAwNFmQdDTfjGpz8ncX5BIzRHmPKMWZ6MNb3/H5IPnrHoKV8v2YpvMCHjRiOLuDFeOY95B3EvpDTDvqWzTEa72MFrT/EjlBZhMxqldrpVN+9bGRj3NF8HZtQ0riifODEAM09ZkE8r2+YeQ/YNOXQU17W0PywdPlsAnmHeQ+ZQxnzvFO+iWdDBb7MPbU5hd+iwqQPx7ietPaTrlsZARHQlTtA1QsBISAEhIAQEAJC4NIQEAG9tB7X8woBISAEhIAQEAJCYGUEREBX7gBVLwSEgBAQAkJACAiBS0NABPTSelzPKwSEgBAQAkJACAiBlREQAV25A1S9EBACQkAICAEhIAQuDQER0EvrcT2vEBACQkAICAEhIARWRkAEdOUOUPVCQAgIASEgBISAELg0BERAL63H9bxCQAgIASEgBISAEFgZARHQlTtA1QsBISAEhIAQEAJC4NIQEAG9tB7X8woBISAEhIAQEAJCYGUEREBX7gBVLwSEgBAQAkJACAiBS0NABPTSelzPKwSEgBAQAkJACAiBlREQAV25A1S9EBACQkAICAEhIAQuDQER0EvrcT2vEBACQkAICAEhIARWRkAEdOUOUPVCQAgIASEgBISAELg0BERAL63H9bxCQAgIASEgBISAEFgZARHQlTtA1QsBISAEhIAQEAJC4NIQEAG9tB7X8woBISAEhIAQEAJCYGUEREBX7gBVLwSEgBAQAkJACAiBS0NABPTSelzPKwSEgBAQAkJACAiBlREQAV25A1S9EBACQkAICAEhIAQuDQER0EvrcT2vEBACQkAICAEhIARWRkAEdOUOUPVCQAgIASEgBISAELg0BERAL63H9bxCQAgIASEgBISAEFgZgf8D4PK/rmbjRi0AAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-30"><g/><g data-cell-id="7QqzYbiBiShg53c-Jw5P-14"><g><rect x="55" y="385" width="470" height="200" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-15"><g><rect x="65" y="395" width="220" height="160" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-16"><g><rect x="295" y="395" width="220" height="160" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-17"><g><rect x="130" y="525" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 540px; margin-left: 175px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;">Control Plane</div></div></div></foreignObject><image x="142" y="533.5" width="66" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAQgAAABECAYAAAB9G6tcAAAAAXNSR0IArs4c6QAAEUJJREFUeF7tnQP0bEcSxr+sbStrm1nbWTtr22bWNrNWsrZtG1nbzNq+v3e63qvX25czPW/uTNU5/5OXmXsb1d1fF77u2UshoYHQQGigRQN7hWZCA6GB0ECbBgIgYm6EBkIDrRoIgIjJERoIDQRAxBwIDYQGxmsgLIjxOos3QgNbo4EAiK0Z6uhoaGC8BgIgxuss3ggNbI0GAiC2Zqijo6GB8RoIgBivs3gjNLA1GgiA2JqhHt3RT0g6X8tb35F06tEl7tkXNq0/K9FmAMRK1DzLSk4s6cySTifpjJJu7XoxR4DYtP6sZFKNBYhjSbp02lnOKumkko4v6YiSDi3p75L+Kuk3kn4p6aeSvi3pW5K+IunL6fuVdC4qWZoGjpCN2zIBgvlxqhEtZY79QdLvJH1D0hclvVvShyT9d2A5NfszsAnzeGwoQFxS0p0lXSEBQd67f6ZBO6qkw3V0/d/NrvQaSdedh3qilUkDNRfU5SWdXdJpk7Vyrp451DYoP5T0cEnPGwAUNfuzUZOmDyBOLuk5yWqwjv9H0rskvVPSeyUxML93WjlSMkkZ9MskUDmy+/7Tks67UVrc/M6sckEdLOlMTqXvkXTb9P+Hl8QmdApJAMm1kxXrR+D9kq4s6U8dw7LK/sx6dnQBBK4Eu/3RXA/fJ+nukr4wote4H7doTNR7S8IP5N1zjHg/Ht3zGljlgsoB4o3NnLlqiwoOJemOkh6bWR0fkHQpSVisJVllf/b86C3QgjaAABzeKumwruxnSbr9APOtrTmXSBYHsQiCX5ssd5H0JEkXl8RknbusckGNAQjT660kPTtTMkFVrN8AiAVmXwkgMN/Y5b3l8GJJN1mgHl49bgpcErDE39xk+aqkMwRATBriKQDBPCYA7l0TXN+9AyAmjcHOl0oAQVyB3d7kVyl49NvFqtrx9i8k/SX5kEsobi2LuEgDDB9MLQsLYvwQTQEIanlAE0B/WFbdWSRRXi6rtIjGa2CN3sgB4rKS3pG17w7N7v+MJbWZgNPpm0jzSZZU3joWc5Ck/QIgJg/NVIAozd2bNVbECwMgJo+FcoB4u6TLueJIX54g8Rqm17LrTWIaBJbIZW+iHFvSTyQRbUfCghg/ylMB4pySPptVd5+Go/OYAIjxg2BveIA4XsOW+1lawPb9WxqlX2l68Ut58yhNSvX8KZ3FAqTNhzSZkR83adSPNVmVPy6lll2FQNqBYkzGhSg4RB5SZ0PquW8TTX+ka88yAYKU88VS4Pi5PX0+jKRzSzqNJHRG6hnyGi4elGPGeYys0iSfChDEfIj9eHloE1TfvwJAYAFTH3G1Y0o6hqS/NUF83HGIW19aIJifN3eR+VgaY9oNmLLeGVdCB9+T9PHEZdrtHQ8QN2gYbS/NSrynpMePmUlLfPaiku7vFkWp6H8lBh2+Z1e2ADBhwedyt5RtIGhKEBbXoBTYgrXHbpRHyikPJim64w/uR59ADMKNazsb8NrGb75mKoTx4d+Q1C6YPmMCttVzygbUHtgE7K6R+AJtbSGT9ARJL+lIBfp35wAQ+6RJ7tuN3p66JIDA+iXNTwYOQOgSmKbM3Ve2PFRzPpaqpO23TFSDk7W0ic2QufdgSV+zZzxAPNMRUux73A0IUasUOsNCvKmrFErt2yT9KJnvLGgsm+O4Z17UULtJd+EW5cKCYvfdVxKsUBMU8o9GIdfJLKe2/t5c0guyLx+dFD9URwYQ7AwseqyV27mXATosD9qKNUKgzUsbQNymsRae1rAJsR4QdrM3JZo7fWRiwIT1GaTPJFJRn0UxB4AAFOHteLlW4TO+n9If/w6UbnZcAAOXEuo3h9cYgxO6Bty1AZMnr3g+5tWxRqAsGDmRTRXP4FOJPo9Fwfw/enrxz82cuX7DVYJ/slsM4sOSLpSVjimFAlYlANYb0qSlTlibd2rMIcAr59ljNj8xO0REx2HRtXHyAQncBRNiIXZGhP/+OrkvTAZ0AcELopcJZjqWCOZkSQ5MyrXvhroYvr2kgXGdbuwqgKlK7AYWYQkgsISwCEwAMfTGYOcCP+DpDkh+kNwR+t4mUxbU1Dkz1cV4XMOevIerFJ2yWHGrcpnSH3uHLBxWBGZ5LpxVAnShCiDME4CjbQ3Vno+0Geay8Y5oB5sELpCXE6V1YZsH56kAlIO9BcFEyc0PdqM2NtrUCdD1HkQsJq8JZpr36Uvvvjw729GG2rybDwgZB1yDNrlAY3EAnCxOk6uknbn0zjIAgnLxpV+d3CYAAT8Ra+MjBYCAlfpJR2rD4sNK6Tq4BEgc4DrQxVbksSkLaur8mAIQWJ0sWO9GohPcjpJM6Y+9g5WCZdIm98oCo11ZwNrzkfAAzGeEzZZYHpZDSWx+2XdYHft6gADtLPrOQ6AIu/SqhJ0ahCPog3AalHhA225t7WJS4PNZ24kX8BlIn8vYAeH9lzWnBq/nCsJHe0iLUpYBEJyALcVLqJLFT8zDxyDyzBNnFD7XM2iMO8Dj3RfAELO5JFMW1NR5MwUg2Eg4qOXFXLll9QcQArRJ+XN6tE1wyxkTExjI3oX079Wcj6wj5hJjh+CiX7FnULBe7Z4PNpi9DSD4LwjjhQXKZFyVECT0OWv+TR57iOBa+M7jGjy/8OKUAeGgEC6OCROEXaEkywAIQLKNJ8KC5owBNG4EUxZwtHFkFyVQOUQwxzHLTWj7DVteXFeAoN+4V5zF8FZeV1/oYs3+4JpidZpg4RovJldvzfnIHCUmZQJIAVZdQpLCW9T72cQCHQlkeemaqEMm4NhnQGeL3vNuG8mlVC7+9lPcFz4T4J+fMiAADwBkAvAAQCWpDRB5nblLRlbCxy66xoD7PLAiTIhBkLYrSc0FldfXZUEwTwmmscthEhM0Jsjm5fUp6FYKVttzNfuTAwSZjLbrDWrOR1whArcmMHw9cJXGmWwgjFSTR3kXg1iDR2EisxbZ7Jpoy/oO7jwX0IzpkD3LsXKfbSHbUUrnTBmQ3GRcJ4AAEPyu/6AC3bhtfHDJcMP8mJNZ+W7hhZoLqg8ghs4vgpFMbu6D6JOa/akNEEPnI9Yk3BkTApUE4ruEE9dk5UwO8ABBWsynDfFBuCVq6C09fYPS9T3xhzxmgKlcihSXyoEQ9M3sC+InxFG8bBpAEIjzd2uMsbrQC1YiEWwTItzef7bPay6oqQCBS8yYE6XHwsNy6LIafD2L9AffnuwU7h6xIg41Ara2lshkXNhVtmwLYghAAPqkM/36xkLsSziwZsiUmRzoC4CmCsPKC4ABa7G2MEnzVBDxD+IgQ4R0FgEZL3z28+yzTQMIFgjgaEI++1VDFJaegV/ieREEY19ReH+RBTWiOTse7bowhu/t9jJSv3ncbGhdU/qD+wVtGx/dX4PQV+eeAAiIXMs4XHmQBwiIRrn/CqkIMkht4WLUr2eV4N7g5gwRniV74YVDYSwAL5sGEBCcOCtj0pWCLenx81lGBKJPiS06ZUENGbfSM1OyGGPrGtsfsmn47+YCY+0SKH5zsmKYp7Y7r4OLQZAbN9tLacPs1ZsHiNKlG6uiWuMr5e4EZwggJg0Ru2vCP0uZcDs2GSC+n1HDCUq9bojC0jP4pNxYbUImibs/chm7oEY04f8eXUeAgBrPaVEEICDgB5mtJOsAEKX1AMgR5xslHiAw8+GI+89WdVirZBKB1rRniNB5FosXyvR3ZfLdplkQXOxzNtdpApZkUoZKHsjiarcdFNtMthkg8lQyVgNs3TZZB4AgJpLzh5gnOYOyd57kx709UvIygQ7MlRJdtbfwwgMQfHBlILbA1DIhqMJpSU/M4lmfhuuq7zwZQwwTkFOgeYB10wAiJ0lx1Z1P9/aNERe7+guFYR4S+AyA2KUBUqk+MwJ/xNPac12tA0DQJtYTa8CEdD1kqVGSAwTR2TzmwBFmn/oYVUH2sLkxEEcgkHjJz4JcLZ3LGFIf5UGbNvlo4VwJ320aQOR5a8ABkBgieWCYzYCIfJ75oaxttiBIHXvmLAeZYNe2yboABKxYTzWftI5LV87hw7I4TUAi/NSh5n7X5LQTo6VTdvmpSAYFWvMQ4UgvtxubwEEnfpLLpgFEnvLiqjv6OESuno732rMcMsISK8k2A0R+CKy0uXmdrQtAwPj1FG82YGIno6QEEAQ48G19fhxTluPVfXnUvsrZ2eH8l3xdsg47z6GncwE82yf0gUtdPMW47S7CVQMEtGju+OwT7wqNYbDCUyEQa2c3YMMS3O36TQhrC1R2fxFx16GibQYI7tfg4hkTDmN5ino+tusCENxMz+/XeGH+232pfXNyx/clgOBzaLjcS2AHp/iM/DrmFaboFCFwAhkLIkabP4SPxCEbE3Y0drYuIffvc/ccpIFZWZLaAAHL0p8fGUpcmgoQ9DE/PdjnI/MOLFMO5tivoJEtIuvTdmvWNgNEPr9wwf2dIusKEMT1OKfj2ZRkrVgDXUf7d+tPG0DwEFeIk8XwFWABYMqTPx8q7HJEfUFd+w1GFnDpRBwTl+vL7cp9/g0it/EhIPnQJmOA8hzR2jyjYW2tDRC4RP6KM26NwqzrY/gtAhAcycff5Io5hEWOztoi1gSCsWq8f9qXHt1mgIA/AKeAeWxCLC2/9o85e6P02zFYwyZ7gihldXPpEFkXL1jp3C7FuukSLNFDugCClyEgcSkLpqhx9mGvcakL6TDOP5QyHKSGYGVybRzxBk/modyui1S4ch/arIEEKEiABbCyABr36WHNsCDtOVKaHPbi5uw2qQ0Q3A4FKHhhodJ29Ib7BqhBaPK79SIAQV2khBkLO7hE2eiGlKexUaGzM2Ee4diX1MtVepyG7JJtBgj0kh/55zOO1MPZQDdsbNzLgZWMpc1PAq4DQNAG3CPcpFyYl2z0gB+uKeuIsAJrF+IiFuY+fQBhheJycPEEi93fsMT33MqE60BqEUCBf+DvlfANw5TlV5i51KVtl+d5DpYQZPFBFRYY9VB2ficgOyKWjY9h+HqxgrgsA0vGn6xDCewEDDZUc2NjslsQxwDkcIcI6JlQB5etAAQoOLcO8gts8oGBug5vgwHhHAVuFGlfE/RI0BUWKH/Ul7NES4sZdxAwhwvhdzsot7QRK8sfzKJs3BF/UtWXS1yDcQB0sCb9CVZiHNxaBfuVPyy9wWZr1ngWFmdA0Dd/7L6+nbSdA2T8wdvgv6RiuTxnjCzSH4Cdm8j8D/PkdaNnrEeOWPs7JwFh0vXMUViqzLlVzkfayZwgCeDjil26AzzuBxVhKEBYYeTMCbxhwmLK01HOTGC2UhZgAUGDCQ0NmIAbAUSQlkq5KWnM4S8sEIKjAAV8DA7CEAMBaAjOEXDBhCrl7r0C2i4J9c/4Xw8rXYBaUmjpUhJ4+sQFGBTQmAmOHgAhdnmOorPDt11am9fTdnS9bYCxUAByLDGORWMq4oagM86mwADEvQMYuoLOQ9tHOxb55TXubORy2THSdwNWqaxF+0PsjBQy7hh6BYTZsABH+EOcrDViHuNcioNxtwibyyrno+mCjdXmBRsTVjgbLWuWTYu1iY64x3Tnb++OBYgxgxjPhgZCAzPXQADEzAcwmh8aqKmBAIia2o2yQwMz10AAxMwHMJofGqipgQCImtqNskMDM9dAAMTMBzCaHxqoqYEAiJrajbJDAzPXQADEzAcwmh8aqKmBAIia2o2yQwMz10AAxMwHMJofGqipgQCImtqNskMDM9dAAMTMBzCaHxqoqYEAiJrajbJDAzPXQADEzAcwmh8aqKmBAIia2o2yQwMz10AAxMwHMJofGqipgQCImtqNskMDM9dAAMTMBzCaHxqoqYEAiJrajbJDAzPXQADEzAcwmh8aqKmBAIia2o2yQwMz10AAxMwHMJofGqipgQCImtqNskMDM9dAAMTMBzCaHxqoqYH/AS/daFtNpzO6AAAAAElFTkSuQmCC"/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-18"><g><rect x="360" y="525" width="90" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 540px; margin-left: 405px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;">Worker Nodes</div></div></div></foreignObject><image x="370.5" y="533.5" width="69" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAARQAAABECAYAAABAico6AAAAAXNSR0IArs4c6QAAE3hJREFUeF7tnQWwJLcRhn+HmZnJYWZmZmaOw+AwMzMzOMzgxGFOHGZmThwHHGZO5rtSX7UVzUizb+adddVd9erqdjUaqdX61ajdQ0HBgeBAcGAhDuyxUD/RTXAgOBAcUABKCEFwIDiwGAcCUBZjZXQUHAgOBKCEDAQHggOLcSAAZTFWRkfBgeBAAErIQHAgOLAYBwJQFmNldBQcCA4EoIQMBAeCA4txIABlMVZGR8GBLXHgnJKuOtHD8yUduKU3bMPDASjLMfmZku440t3TJN11uVdFT7shBy4v6SmSTiPpMIX5nUfSZw/p8w5AWW6FTiTpApLOKunSki7oug5AWY7Pu3tPh5N0OknPS/Jk8+0GUP4k6cgzVumoknhmaTq7pC80dsrG/WRj213R7NqSXh+AUmT9dyWdurIov5R05kHjO6hx8faS9ILGtteQ9ObGtruyGWO8mhtAN4ByI0kXlXQRSWfIOMjCfkXSDyR9P/29QdK/V+A0QHUVSadwf6eXdNL0rl9I+pCkj0t62WBC/G6FMSzVZQDKOCevIOkcklhb/jhIDlto/qZB9q7VuCDICP2eNv0hx5gO0I+TDH9T0rck7ScJWTqkU7eAYow9kiQAxGsrr5IE4GxKz5H0DUlP37CDhwzPPTQ9ixnx/g372e7HAlDaOf7VQZs700jzmwzA8Ir2rna2RLvhIIQAmndt0MeufqR7QIGBrxkA4HqOk3+UdDxJf9uAuydLms0BSeP47wZ9fCn5JAA6fBRraEYbDKv6SABKlUU7GxigfDGZOd4hiRYKOPy0vbsdLQNQZjJsqea5Uxb7ElXT09UHFfUtG7zQaxeXGsyqD8zs41SSvpeeee6gpt5+5vO7snkASjv3DVBeKuknkh6YPfruwV9GBGQOBaDM4daCbXNAOUIye/BnGG1i9tAvPhf8IRA+j5vNHPc9B/PrCemZTQBp5usWbR6A0s5ODyi3TqFRImWeOEw4VFopAKWVUwu3K4WNXy7pxu49m5g9+Dve6/r4s6TjS+LfVvpYCr32Zu4wvwCU1lWWPKDcPDlpP505apEbQIZDqoV2B0DZVxLWgVE3UZ58ga4s6a3Zh3NDbWg1N8j6QENBU2mhEyS7+VADEOHYvUPLQ4egNgEo7YuRAwpPPljSw7IuPjJE+S4+fPefhq53B0AhmuqjXN0CCok1hNWO4RZujtnDcz+ThPnkCR8KpksL3S4BCW0vkcLFLc8dUtoEoLSvRAlQcMySZ3SurJt7SXpiQ9e7A6Dkh3K3gMJ67SPpFm7h5pg9pJ+Thp4TUR58KuQF1AhH3GUl/XxIWDpx46lkOQ3HHlKYjy6JMf9KEpGir9deuMH3ACcASe4DKdM+ErbdgHKUlEdEPgbzZyzMnVRt8i82ibCVWMJhQ84SuSNvS31vwLqDPVICFBoQSv68JN5p9Pchj4Sal9p6LgEoa8oTrgZMOMZ5nAEkWT+SRf8w7LsfJb4S1LiNm/scQFlSHhgr603uEGMlZ4i9xd4kP+3bkn5v4xxLvb9cIXbfavYgBLycl3rnLu98wCAgj65IIBsVvwkDf9awMe400R7guNtgHuHMI6w8Rkye4qon+8lnjR8r6T6FDn6dGGlfnW+Y2z2SfWsJWcfMEu3mAAob80oTYz9uAodSExK4HpkSAkvJYTyDgHKqP7sAzERP3jny7rMMviA2OwRQ3T051pkr1CoPNcAZAxSeu6+kx2QdfG6QzfMP0aB/TXS8KaAsKU+l4SHbyBiHNT7FKeIQ8PuzBVC2Kg/5eMhAvr+kU1bGiowxvoPGAAWVE7MFRDJqMXvONmw08gkgwAPGWcYin4Fm1ClMEQ5hHMPQxSTtP9KY9HvC2Ww4iFOZzUH6PojJgmFz087mSSo3ji6ybXNirmQLn3cIX97K9YvNDj/OOJhxgA4+ppy2AigAIRv7zukkoG8iGvgMmMuYhnHLVO9heRs4LEmGQgNkY9AnczdC68Mm947xIybHNyBJ/pGPrsA7ksPwZQDYh88mvR2AcmhJOOcZnyfGZAmPJfHYBFCWlqd8XMgW63Ms9wVgiiuAA48DgeRSNExSJs49HIBHc21rgLKEPNjr4Dv+zhumD8j/emM6YNhb7BXGQ/DF5I9D54Cp4kCKk7zK1WL2kBHLxmAAJx+Em0k+PONsrQ6HPBiEFUA7yYi5c6EURWJDQEQF2BA/LEgXKvqrnQYD8GBOsWHHiBR/wMyIOXCy2Kb6y/D/v6bFp81WAIXnATGygFFV7zL0+4yJsfEVGaTewY3Jxfj+mT2HJuV9DgD1TUf6ZoOiZhuhHV5zAK0Tpg/o+zfuZN0OQOHVmB4Aq/fJoZ2gpaCtlGguoKwtT4Azh53NgU3JocUmHaM5mbJLywO+qsengbHvLzzIwpcLA0Uj4nBG86oCyiULqe5TQsRm474GEBjmXTGBCnaWB66pJDUAAtsfpMYPAzjlhBmFX8TUMIAH9RzTZIw4eQEdAwROcT7baftlD+aAggn22sQPhJjsX8YBgDHfrQAKvoIPJ3ACADDLpgif0teSFkI7TCZqoMaI8D0nidHYSZcDCoCJBohmg9CQZMhBYf1tF6Aw7hwY+Qw/Ck7bUhb3HEBZW57QFtH0rCYNjRft0adVlNauFVCWlgciq2hMpvnX3BQcfrglqoBCxwCEt/WmzB40BFL3oesMDifCXhAqHZEao9+mUw8HW04+UxfNoqRFcBJjehi1bELa2sTtOWzD3D6373JAwfH6ncJ475d8QpsCCk5qVHrMHvry8xoDCE4OThAjtJvPjDVOtVi+HuaFyYTJH8kBBe20VMGLZvCJbfKh2BiRRUxfNAlPTxqcmSRA5jQHUNaWJ7TbB7kBtrgOaN4KKEvLA4ez10bwp75nQr5ozz7FJXBg7T6U/NKgKbOHl14maRig5j/SIMg/eUk2IA84/ivUeNQ3gAxzJ49OMF5OSu8kwrRqiRxhk/qNxzP0U8pryAFlzyHZj7L7nCikZCMiMHOjPOTafDSV8pN38YiJRbOvsG2pazGQR3OqOfe4KsCPfcyPlQMKfhPAp0SAOAV3aEpbpSmnrO8bXxyaKdqrEWuHOZEfPK2AsrY84V/AYekDBjWT3+bWAihryENumeDTfGXrItcABUdS7hQtqbpWCMhJkl8mxKZDhcI/YFRS02E+G4TTHl/M3oVJYB5Y5IGvAQUApYWYK+aUd4r5SIbvoxVQxt5bi/Jgc2LmYHYRpfEn2NRc/EahXUtuD3zNfSuYfgb49r45gNLC79Y2rYBCf/iXkC9POKMJBvg7eloBZW15Ajx8AAD54wBoSc5rAZQ15IEILZFaI1wFXBbWVJhbAxS+Z9OiLRiVVDZfCMji5g4cNBRfy4NTDS0GADFCuzHVCicQpkBOOHlf5D5s2VC+DxbXRz5wjJFzk9OagMIJi/3MIqGulkLVY5sx1/YwK9H2aoQ/xDs10Y7yO0F6ABTkkTVHK/FEAIFkSKNWQFlbnnIAfF/S4mvrxfctgLKGPJTq+VAq2CslLf1gc6kBCo1xEpLrYZSbPb4QEIclpkVO+FDyamPyGohOGJFij1Cg0uPgKSVjPU7Svd0zc4sOUd0sFEY3Yxt6LUAhSYuyBqJM0JxyBNoTLsU8MsLMGnMs+zXgCgq/1pgPVslt7XoAFMaKmcqB5TVePsfRiQMZagWUteUJHxS5HF7GW8tIWgBlLXkgMohZ6wmtimALew4Lg0jn/1ELoJADkF+36M0eskVBXogsWRKocsqrj/mefBXUK4jvARJClFP3r5Kchm2/yQLxTB4Kz08263cNQAFAcVp7jYIwLM6s1hvEnjpiCpbWduqzkk+oF0BhXr40w+aJ/AAkdodKywVLa8sTYWFC70ZzzNsWQFlLHoi2vqOgCdo8yGVifFgLH/SC1gIotCf0a1cR8H/yOuykt5oDTksAYexqxtzbTT9mHnlbE09+KfHM3nt9NwE0HDZqK9He3z7PBs+LGOlrDUDBl8RpBdLjazJqNVtoj5MU1dNoDBBb+eHb9QQojDsPh/MZGihOxFYNBTleU544aH392lRkMV+zFkBZUx7ws6ENY7bl2qAfKz6W21pCayug5KohDjDi1NhbVgjoQaYk0Hm0gTaYU6hW3HtC+I8LdnCyjtWe5L4YQsFMuJVI1vIqJ/35miXrZ2lAQRPBGYwDkpg9m8GnynOKUa5eo3z8L07Jg7XnWr7vDVAIBKCF+GxS5kk2MJGsFg1lbXkiWZGoidHSgLKmPNiYyaMBdEkLIZWDyFJOmD9ctbl/K6BQkJVnJWL24Fi1QkCcqmb6jAkw4T0crkao+jh8SS8HcGoaR67ioXJ5G7W2cdiA3LlhRH/eP7QWoNAv4UMcsYTEH5VqJOx9gDKmT+3ibfJmqG8xAoS8Sl2b/9T3vQEKc0Fby0PblFewAez+4ak7ZdeWp1zLoI6NRLEWatFQ1pSH0hhJuSeCiWsDLdATMrxnK6DwIIldvi4HjYS6HMCGzYKzrFbVWhIAUNsKBmsx+jwJCaYDbK309pTBa+3ZnGhfOS2toSDkmHKWHIdmR04FCXNGRJu8OVOaU54xSl4NiW1LUI+AwrzzNeUz8mPs4uspQFlbnvKq/TGNuLR+LYCypjzUZApQQQHwmvZecwAFh5JHV/IYrLS8Vqxlg0M9Bcl8cpL1Q3gaP80UKHkHMH2yKSmtbiVUYRySRmNa1dKAUnI0UyuEQ8uvQU3Ly6vAcY6hkjblCFSY1CugkDQGgPj7e/xUpwBlbXny15gypjkHQAugrCkPLXsKZQBte+ehOAdQ8pRc6wQAQDtBS2kh0sBLP80xlkbt+wSQOO0NyHAEkwjXcis/6homljlEyYXhs1LYdTsAhXnlYUWc3/B57KpMwr95RGip+3Z7BRT4mBfHtQLK2vKUAxbATw4QCW41agGUNeSBPsnzeV1tgMl/5ffPvnMAhf4pyMp/DAxb1Ref1cbhE9h8W2pEPlV7uPBTH7VaA+tyThLQdgEKpyq/W4SQGdV+ttTu2rX2jNXXSjWwsNikZ0BhQhQyln5svPa7PPlPxywpTxx8aOQ+OxuthcOzRi2AQh9LywM+TnydmIy1i6x4P7V5ph3uMxdQfEasMQRtg9BxK6EhoM347Fv+78PSU30BPISVbey1alv64p0kQ/kflBrLxqX9dgEK78rT9Akr428Z+6nVPLuTPubeCl/ib++AQko7pg/3iXiqAcra8pQ7fon4USVdumrDj7sVUJaWBwOUFosB64Aqf9uLe88FFO6m4EQ1IipB7kmLyeGZhROW6lojMvN8BW0NnPJFgqlEcMbI7mmx72vh5u0EFMaUCw8nA0l/eb0NbccuHaK4kDD8VKSIhCXWvJTl2DugwBuiOwQL5gAKbdeUJwCOPWPXAfA+spTJlxk7NIiekp8E2BmNXTuxtDwYoOBaIODCVR1jRA2a3XcEBsyK8lin9mt+/H/TG+mJDhEqNqqV4OcTIumGJCa7FRw/DmMBKKxftBKYg+MINdaI7EW0qtL1CdZmuwEFAQJEfE4FAOHT7D0PCLETos+1OnwvfI7GR50UfMImRhvEGc1z3DhX+mnO3QFQ4BE/Uo/WZ1TTUGi3tjxh5mOS2YVgvBOZxUmLto3WgtnAWuFDI+Ezp6k9sqQ8GKDwfswZNBXMQl+qQa4Y+VyYb+aT3HGNyFwNhZd4z27tWroJcNtxpwYIjCOSK+/mEhMh7Evoz29ENhWX/dqFutYvi0aImCS6UiSJi3aYD39UOttNZTyP9sOFz/zYNoBV+mlMeIlJRakCuSFcMGWEuUUSElGd/F4VojQIPRE0H9unQhgPOjYyviVqqDwhfIAoYfOWdaRAkDAmpwqCAhHyI0rGnPEx+RA0YyX92uaMQLVUydbW0X4sHV8cf2weKqJZNw4r3scft7RN3cMx9h40AUwf0whaAIW+lpanfHxsVPKmfKrA2BxIgCTJk7EbwR8q1AmTl8pblpAH3lUqteFzklnRfsma9RE1Psfa2JGP1iKI+aQt45VNUkLSmkDZ91aPMbfiNu8flfK6qYoTdLdbxJk83nRKsSlMxGudb0rf19gl1fn78kur7Xu0AIRgiojQeAcsbfNwfOn5qbA8IISmRhYjeUI4AMlzYf6oqwAh4LBfVuLPe6Yuqc7HMXbVQ+t6WzsqVpGhGgEqmNibEIBu1yu2Aoq9Zyl5Ko0b4CTjFC2RIlpAgBQKDkAOVg4OrkBlvTDfSveQjMmfvW8r8mB9UJxLhIoxknDJgQ9fGCvmMuYQoIc2jInJ/3fQJoDCc2SXktpcy4ydEgZQjroawsjVsuhNpCqeCQ4EB7aXA5sCyvaOMt4WHAgOdMGBAJQulikGGRzogwMBKH2sU4wyONAFBwJQulimGGRwoA8OBKD0sU4xyuBAFxwIQOlimWKQwYE+OBCA0sc6xSiDA11wIACli2WKQQYH+uBAAEof6xSjDA50wYEAlC6WKQYZHOiDAwEofaxTjDI40AUHAlC6WKYYZHCgDw4EoPSxTjHK4EAXHAhA6WKZYpDBgT44EIDSxzrFKIMDXXAgAKWLZYpBBgf64EAASh/rFKMMDnTBgQCULpYpBhkc6IMDASh9rFOMMjjQBQcCULpYphhkcKAPDgSg9LFOMcrgQBccCEDpYplikMGBPjgQgNLHOsUogwNdcOB/tEICcOps4OoAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-19"><g><rect x="75" y="405" width="60" height="110" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 460px; margin-left: 76px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">VM  #1</div></div></div></foreignObject><image x="76" y="453.5" width="58" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOgAAABECAYAAACLd3ntAAAAAXNSR0IArs4c6QAAC7JJREFUeF7tnQnQf1MZx78UbVJKm21KtKkoW5Kl0oIapKYyJTGopBERlcquBY2oGEvWUoYWKlQqbVosrTRE2bK00K6o85k5Z+bMcZdz7/297+/c63lmfvP6u2d57nPO95znPMu5S8jIJGASKFYCSxTLmTFmEjAJyABqk8AkULAEDKAFD46xZhIwgNocMAkULAEDaMGDY6yZBAygNgdMAgVLwABa8OAYayYBA6jNAZNAwRIwgBY8OMaaScAAanPAJFCwBAygBQ+OsWYSGAtA15H0447DdYAr/8HMOldJempG2TdL+rSkEyTt1FL+XklPlnR9Rru5RR4s6feSHtNSYXNJX8ttdAHL7SrpU5KQxbKS/l7T15clvULSNyRt1pOfR0tizOlzP0kf7dlOUdXGAlAG91WSniXp2ZLWl/TwRJK/c2V+Juk3/vdNSddkSvvFkp7jQQpQWRAe4ifWpb7dKyV9SdJNvuwmkp7mf2tJekRFXx+StG8mDznF3iLpkxUFefefS2Kh4fdFSXfkNLjAZY6V9DY/Dqs39AX/q0j6mKR3duTpgZJ2k/QBScv5unsbQDtKccbF3yrpE0mbH5b07hn0AzBvdpPlkW4xOMdN/G0z2jzGT5K0KCBZ2YH0XxlttBVZ0oOvaqK/UNK32hqYw/PvuF1xI0nn+gW2igUW3zv9gx0lndyBTzSFI/0iGVczgHYQ4kIUXcbvZAxuoNud6rmSpLsHdogae5Jv4yWSvp7RXh1AqbqDpFMy2mgrwkJxdk2hUgH6Z7/QHeh3uCr2XyDpEv9gXafq/qRNEJKe7oH58pqyBtAMIS50kSpQbOfU1M8M7BiVdj2vJqPC/i+jvcALZyx2YHa7QEw4Jt5Q+qFX7dltUnW6RICisqK6Qq9pWFxQgVGFOaey8P6zQVCPcs+wK6BBodre4nbPz0p6irNRbBnVM4AOnW0zqM8q+qukHVQqzoZ9ibPk5b4yZyHORDkUABrOghg8YuLM/KOchmrKoCbybhCq/D5JuRIBCmDO83xyrsc2UEWcqTlbX12hqqblMZBxzvyCM8Cd5o1K90hKF2sD6IDJNsuqGIKYnDGtUQHc3D6Pc+fPXfwqvqIkVLQcigHKZPtqUonJtH1OQzVlgpXzF5J2d4vQxSMAKJbUQ70sMegBpCr6nqTn+x2WnbaJUPOxTqfWYAPogMm1kFWrzmUfl/SOHp0yiTAOoWZxBm1zo8RdxAB9kt8tVosK/NsbizgndyU0hV86FwIWd86z7NJjAOiZbld8vaSfeqt43XujsmNLeL+kg7oKx5c3gPYU3EJX4xyCn5HdLtBf/L//0bHz2DKMm4WJlUsxQJ8oaU/nBjoiqfweSYflNhiVO9H5PrFu4t4B/BuOBKDs9mgz+I0xvFURsrrOP9jGq649RGQqbh+hLVad/Z1RBithTOx+wRKby8cVzh2wpg+IwEjUhVKAck660Z0XHxo1wvlp1QZVr6q/J/gFaGnvQuL8uekIAAq/f5O0lKS9vMW16v1e6X3LPCOo47ddhB6VtR20p+AWo9rjfXQNkyEQUUddQPY8ST/wlUO0UBfeU4BStyraqOsucbgH5l+9iow6WBJAUbm7+C1zZYq2gMsslwyguZKaUzlM7a9N+l5b0mWZ/KCGvcmdXf/k1eOugQVVAI0twoENfKr4VnOIMzG7LgETqMvv8pUMoPeVngE0Z0bNsUzshghssIPtnMET6igrNv5LolJQybpSFUBpI1goQ3v4VDH64FJoI/ggnvQ/Xv27oUCAcsYkmielrVyABwEILHhN526OJxiIkBOuk0BoDFjUc8kAmiupOZYjVpY43UCY4ldwBpu7Wnjawzn+j/IBCTi8c+N342brAErgxBlJ/zlWZtR1zmOoeadLemPURkk7aJ1ocTMR5XOhOzq8rKYQ1nLGBus0Vnfk0pcMoH0lt4j1QuZE3OXbfZRKExsEO7CrNU2mtteoAyjGEna+x0YNMCmxOmNEqSMAeap/iKrM4hNoDAD9gwvqf5zTSpqSBfB9snNCaEDfbRNyw3MD6ADhLVbVh3lVNQ6Dw9RPBkwdxZO9qwEnbrMOoJQ52Kmp700YILytKislFAvaQNWiUTpAsTzjT4bwg2IfqKIQ4ofaz5ih1vYlA2hfyS1yvaN9pE3cbdPqHIxL7HL4GOuiXdpeowmgqKn4ah8QNULgwTNrGkU1DJFIL3V+z4uScqUDdAsXe3y+55lY5rrz9vHeRsCRoikVrU32PDeA5kipgDJMiF8nfHAGfEMFbyQ946tEDcVYwU7Xl5oASpukrbFDx1QXP0vS8ou8Wot6m1LpAEVbQJbYADAAEQRfRcQmk0RAhk5biF/buBhA2yRU0HNcGSRgByLMjjPfHxMeyR3Fz4iVlMwLzk19qQ2gAA7gxVQ1MXENhXQrFpXUwET90gHKexGCSfbNBjUCRZtApcVy/j4X0HBIX8H7egbQgQJczOrsVOxYMaXZDVgOUa2I7PlchQ+1K79tAKW9YIwKbf/XhcER6oaLJ1CscsMbZVIqCaDPkIQaHhOZNpxDCRYhHreKcG0RewuRK0sUV0yAlxDHXDKA5kqqgHKszsR3cpNBIMCICyXkdmL6D3f2MOG/PZDvHIBiUU5dCQSHh4kKWOET/pvC40oCqEUSDZw4bdXHcidR23ukz8M5KP7/scGFKzi29rsazvahlANQzmPslvj/At3q1WtugQC8gJhwPhaXOqumAfS+o2U76NAZvMj18TtimcUAFCjcL0TwAilbZMKQW8ngDqUcgNIH9yiRNRMTwQwXeH4Jrm+7aKwkgKZyC0EfnOtxe/G3ioKdAGtvmtzeZywMoH2kNuc6IR8xsMF5DmMQCdlcm5EbaZTzGrkAZbfGNxvT9726TUYOOynunuBHrOq7ZICSQUSyATcMxlFd6Xvc5q8OJaE79RHnyDstYwDtI7U51yFvMo1O4d5UUtHwTeKHI/poFpQLUPri9r30WhbUWYLjm3InA58lA5Qc2udWhCfGMo4DGUhwwEg3lAygQyU4p/ohxzN0zw4V1N40hG4Ii10A+mqXyPz5is4wYBH1RBBDE5UKUI4MhC8+yN+Z9JGal4gDMZoCGbqMhwG0i7QKKks2CztlSqiV7LCzoi4ArboFAj6+ktxMV8dbqQCN1Xes5IQpVlHwP3N7HwazukCGLmNjAO0irYLKYnTBckpOZUwEo5MlMivqAlD6xLWCuh1T7s18pQI0ztxBja0L/Ai2ga5J9U1jZQCd1UyeQzukkmFdDMRt75xBiTCaFXUFaHoLRNvFWjGfpQI03P7AxWhx9k4q43BXUW6+bs4YGUBzpFRoGQKxCdgOPt82N0af1+gKUPqIb4F4nUt5Oyuz41IBGnJAm26N4HzKOXWWLi7EZgDNnDylFuM8xFUjnHe4DjPcJNeXXwxMAIU8Un78O9z9iouBBSH8iE2t+hxFuAWCTBd4qsuk4Rm8c/kz0VBkwcRRUrwDPl8+HMWHk0gWmMfHk3ANodo23UqBhTfclrhx9MmHnHHgtn4uw6YPfNn8Df/NIhx/BoS462u9uwq+uIGev4x7emVpTt9zKzPVSKJUoFzBwZUauYaYtgHJ+fxgaKPpPEbeJzGnpMnVEV9H63pd52J/fnB59/GocOdv07do4u/eYBcIH01qkzfP+fRi02chctogQIWQytHQ/QWgxLdy0zlqWJf7bkczkMboNCVwfwHoNEfP3mryEjCATn6I7QXHLAED6JhHz3ifvAQMoJMfYnvBMUvAADrm0TPeJy8BA+jkh9hecMwSMICOefSM98lLwAA6+SG2FxyzBAygYx49433yEjCATn6I7QXHLAED6JhHz3ifvAQMoJMfYnvBMUvAADrm0TPeJy8BA+jkh9hecMwSMICOefSM98lLwAA6+SG2FxyzBAygYx49433yEjCATn6I7QXHLAED6JhHz3ifvAQMoJMfYnvBMUvAADrm0TPeJy8BA+jkh9hecMwSMICOefSM98lL4P/HglVjdWcrzAAAAABJRU5ErkJggg=="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-20"><g><rect x="145" y="405" width="60" height="110" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 460px; margin-left: 146px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">VM  #2</div></div></div></foreignObject><image x="146" y="453.5" width="58" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOgAAABECAYAAACLd3ntAAAAAXNSR0IArs4c6QAADJZJREFUeF7tnQfQNTUVhl/sWEBHUcQygB1QFBHsIvauiFjGiqMoSrcrKmDvY5fB3rBX7A0LdrGBig5FwRE72BXLPjM5MyFmd5N77/d92f3Pmbnzz//dJJt9kzc5OSV3M7k4Ao5Aswhs1mzPvGOOgCMgJ6hPAkegYQScoA0PjnfNEXCC+hxwBBpGwAna8OB41xwBJ6jPAUegYQScoA0PjnfNEXCC+hxwBBpGwAna8OB41xwBJ6jPAUegYQScoA0PjnfNEZgKQXeV9M3K4TqiK//Mwjo/lnStgrIPk/QmScdIevhI+f9Iupqk0wvaLS1yMUk/l7TVSIU7SfpEaaNrWG4/Sa+VBBZbSPpLz7M+Iumukj4r6bY9Zbbu3unGknaRtKOk7SVdKbR7AUnnSvq9pJO6tr4l6d2SfrqG77YuTU+FoAzuXpKuK+l6knaXdKkEoTO6Mt+XdEr4fE7SzwpRvI2kGwSSQlQWhM3DxPp6aPd73eT4sKSzQtlbSbp2+Fxf0paZZz1f0pMK+1BS7FGSXpMpyLv/QBILDZ8PSfptSYNrXOZVkvYP43CNgWfR/6tKepmkQzLlLrvg+3xK0mMq5sEaw1Hf/FQImr7ZoyW9OvnjCyQ9sR6C/6sBMX/ZTZZLd4vB+7uJf++CNl8ZJkJaFJJcpSPp3wvaGCvCLgH5chP91pK+MNbABnz/xW5XvIWkD4QFNtcFFt9zwhf7SnpjptDlOnx/E/7+36AdvE/S1yRB7n9JosxukljEbh+18TdJdwu78wZAsNwjp0rQS4adjME1YQCvLOmfy0Ei1Ng3hDZuJ+kzBe31EZSqD5X05oI2xoqwULy3p1CrBP1DWOiOlPSMnr7fXNKXwnc3CuppWjQm6J07DerjI2AdLolnmqBaoxqjXU1KpkpQQM6R4gGdmvrOJUcAlZaVmMFEhWXFHhPrCxOBHZjdzoTzEBNvWWG3QLVnt0nV6RYJisrK7obcZ2BxQQVGFeacysLLjtdH0PPCmTNXJq1zvKRbRn/keHKPZQdhvetPmaDXkXRyAhgqFWfDRYWz5ImhMmchzkQlYgS1syAGj1gg1jdKGuopg5rIuyGo8k9IyrVI0Lt0Z/mPhn5yru/bvThTo5b+JCyIOQhsB2Vs2AlLhEUBQ5EJC8AVFjzLljxvTcpMmaAAgiGIyRkLFr6UuKXgva47fz4yrOJYCFHRSiQmKJMtVcHeKunBJQ31lDEr5w8lHdAtQp+fAEGfLOk5AUsMev/uebevSLpp2GEh1RBBGR/wLZErBltCXHZoJy9pc93LTJ2guXPZKzpz+4ELIMkkwjiEmsUZdMyNEj8iJuh2Ybe4elTgH8FYZIaOmu6hKeA6YKw4z7JLT4Gg7+h2xft3BppvB6t43zujsmNLeLqko3oKcWTYJqj3f6oAD+PRhaLyB0l6eUX9DS86dYICPn5GdjuTP4b//7US3dgyjJuFiVUqMUG37Xxyh3ZuoBcnlZ8i6bmlDUblXt/5PrFu4t6B/DebCEHZ7dFm8BtjeMsJWJ0WvriXpA8ugM9QFWwCF48KPE3Ss1f8jDVtbuoEBZzUYsff2P3MElsK4Hc7d8DOISACI1GNpAS9jKQzk8lBgAHO9T5VL/c81DQWoIsEFxLnzz0mQFD6++eODBeWdFi3Q76kB0zcHxhvEII6Tq0BfaTsRTPuLY4HjNVkZA4EJcKEyc9kMCHqqIZkRKh8NVS2aKGaQUwJSt1ctFHtLvG8QEzUOvypqIMtERSVO+e3rMEuVxZtAZfZMoJKTDuxlLholnnmyuvOgaCAcqyk+ybo3FDSdwoRQw17SAgVQ12uDSzIETS2CFs38KniWy0RzsQsPARMoC4/LlRygpagJ92kC1g4ISqKFZcQScIBJyNzIWjshjDw2cEeUTASqKOstPgvUcVQyWolR1DaMAultYdPFaMPLoUxoR8vClEyqH+/aJCgnDGJ+00FfyMBCJBh6NzN8QQDETjF5080Biy2ywghlvGzMaztuUyDG1F3LgQFO2JlidM1wUCAmkMQ9ZAc3Dn+XxoCEq65YNxmH0EJnHh78vASKzPqOucx1Ly3SXpQ1EZLO2gfrriZ7ti5T4iFvUNPIazljA1zEKs7uKxSSBaIn71PZ7R6zyofsB5tzYmgljkR4/bYEKUyhCU+U3a1ock0NhZ9BMVYws53+agBJiVqNEaUPoGQbwlfoiqz+JhMgaC/CkEBQ8kC+D7ZORE0oC+PgVzxPQEJ4G52CfAjwAE1d1IyJ4JeIqiqcRgcpn4yYPoknuy1Bpy4zT6CUuZZnZr61KQDhLflslKsmGkDuUWjdYLGAQL4QbEP5MRC/FD7GbMa/+YYybB2Pz4UgpSo22YEHKvb1PdzIijA4oTGlB7L0OpsxiVWW3yMNS6QUoKipuIquWBUgcCDnXpmAqqhRSKRlfHppFzrBMVSelzoM7HMfefto4ONgJTAoVS0WsLQFmmH5M4i5ASTGzxJmRtBmRA/SkaCM+ADM6ODRQ9fJWooxgp2ukVlaAelTdLW2KFj6YufJWkZYwa7KOptKq0TFG0BLLEBYADqUyuJTSaJgAydvhC/2vFApSXtDvUZIc2NaLOShIfaZ61L+bkRFNBwZZCAbUKYHWe+3yWIkjuKn5FwMDIvODctKmMEhXAQL5bcxMQ1RPYLwqKSGpj4e+sE5b0gBdk3uDpygjaBSovlfJXRPZYgzjOJ0yZgv9ZltugcWJN6cyQoOxU7ViycR3BZmPDeqFZE9pDxkPpQa8EeIyjtmTHK2iZ1ilC32Jkeq9z0jTKptETQHZLkaPpKpg3nUIJFiMfNCa4tYm8RcmWJ4ooF8hLiWCMQ3WJ5IefdB65YqWl3Q8vOkaCszsR3EnljAhlxoZiqg/nd7uxhwpM7uIyUEBSLcupKYELZRIWs9JP+D4XHtUTQViKJWIAxDCEfCzv4pHdOm4xzJCjvZuegmHSxwYWzyT3DroazfVkpISjnMXZL/H8mZwf1mlsgIC8kJpyPxaXPqukEPf9okYRgAfD4jAnVzGkey47xhtSfK0HxO2KZxQBkYvcLEbxAyhaZMKsKni4hKP3gHiWyZmIhmOGTob9kXoxdNNYSQdNJa0EfnOtxe/FvTsxOgLU3TW6vIULsTnlhiFuerEEo9+JzJSjvavmI9t6sqhiDSMjG9F4aaVQyYUoJym6NbzYW4kVRt7lDh50Udw95qX3SMkHJIGIH44bBOKorfZdfh7hYErpTH3EJ3iyuhHISP41rjEik9BK5knaaLzNngpI3mUan4A8jFQ3fJH44oo9WIaUE5Vm4AdJrWVBnCY4fyp20frZMUHJoidhJwxNjjONABoxz8bUkJWPBzoylGH8xi+z9oqtVSupPqsycCcpAWI6nDQo7lKm9aQjdMgNXQ9C9e2JCUc2IeiKIYUhaJSi7GuGL5GFiyUXlzEkciDEUyJCry/24qMXc8YRbDPW4JrF+mTHekLpzJyjZLOyUqaBWssOuSmoImrsFgn5gfcRvNyatEjRW37GSE6aYE/M/czMfBrPS+FgMZ5zVLRuIZ9itgWOYTfb7uRMUowuWU3IqYyEYHTVsVVJDUJ6JayUNPyu9ma9VgsaZO6ixfYEfZhuoSapnp4XwkJRrUVnI0sCTVY1lU+3MnaCATSoZ1kUTbnvnDEqE0aqklqDpLRBjF2vF/WyVoHb7Axejxdk7KcZ2V1Fpvi5XbnKjPuotQpxy7X1TcR8wEk4maXtTICjB0wRs27uOuTEWIW0tQXlGfAsEho53FT64VYJaDujQrRGcTzmn1ri4uB1xlT+CxC5MDPYkZFMgKAOBesRVI5x3GHC7SW7RQcLABFE4D/Hh/3b3Ky4GFgT7YHHM/RyF3QJBpgt96suk4Tv6zuXPREORBRNHSfEO+HzJ4GCnIVlgI348CdcQqu3QrRRYeM2ow63v9pMPQ+PgBF10lk6oHldwcKVGqSFm7NVKfn7Q2hg6j5GxQszp0F2t6dUdY33j+/X++cH4t1OGfosm/t0b7AL2o0lO0B4ENpUdlPhWbjpHDZu1Wb6EvV5mOghsKgSdzoh4Tx2BCAEnqE8HR6BhBJygDQ+Od80RcIL6HHAEGkbACdrw4HjXHAEnqM8BR6BhBJygDQ+Od80RcIL6HHAEGkbACdrw4HjXHAEnqM8BR6BhBJygDQ+Od80RcIL6HHAEGkbACdrw4HjXHAEnqM8BR6BhBJygDQ+Od80RcIL6HHAEGkbACdrw4HjXHAEnqM8BR6BhBJygDQ+Od80RcIL6HHAEGkbACdrw4HjXHAEnqM8BR6BhBJygDQ+Od80R+B/4ynBjEdaNtAAAAABJRU5ErkJggg=="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-22"><g><rect x="215" y="405" width="60" height="110" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 460px; margin-left: 216px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">VM  #3</div></div></div></foreignObject><image x="216" y="453.5" width="58" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOgAAABECAYAAACLd3ntAAAAAXNSR0IArs4c6QAADPFJREFUeF7tnXXMLa0Rxp+v7pLULXV3d3dJPZXUm7q7u3tTb1N3d3d39zZ1d3ffX8MkhCy7cM557wXemeT9495lWZjhgVHOIXJyDjgHmuXAIc2OzAfmHHAOyAHqi8A50DAHHKANC8eH5hxwgPoacA40zAEHaMPC8aE5BxygvgacAw1zwAHasHB8aM4BB6ivAedAwxxwgDYsHB+ac8AB6mvAOdAwBxygDQvHh+Yc6AWg55T0qUpxPWhq/8DCd74u6TQFbW8s6fmSni3ppivt/yPpFJK+V9BvaZMjSPqBpGOvvHA5SW8v7XQP291C0jMkwYujSfpz5ltvknRFSe+RdMlMm+NMzy8k6TySziDpJJKOLukYko4U+v6DpG9L+tLU7m2S3iXpn3s4vz3vuheAItyrSTqTpDMHIR014c73pzZflPTN8PdeSd8q5OAlJJ0tgBSgsiEcMSysT4R+vyDpjZJ+HNpeRNJpw99Zw2JJP/coSfcsHENJs1tKevpMQ+bOomSj4e8Nkn5V0uEet3mqpFsHOZxq4VuMH8A9UdKdMu0A2mEqx/szSfeW9LzK95pp3gtAU4bdStLTkv98tKR77ICzAPMnYWd+7bTwr17Q51Mk3WamHSA58QTSvxX0sdbkUAF8cwv9YpLev9bBQXj+wXDqvS5ssHNDYPP9fXhwkwUw/UvSocOmycnIJvTxcGL+JWyQbODXDtpNDGZOcTaK/x4EHmz1yV4BepRwkiFco19OqueJph3zH1txREKNfW7o41KS3l3QXw6gvHojSS8o6GOtCRvFqzONWgXob8NG9+AJHA/IjP2Ckj4Unp1rUnU/nWlnAAWAr1hh1sWDin/YqN3NgmmyxuemnvcKUJg4B4rrTmrqy7bkMCrtuYOajApbsuvaWLCxOIE57YxYcCy8bYnTAvuL0wbbK6YWAYrKiuoKXXNhc+FkQxXGTmXj/esKQLFF2YzX6LGS7hI1+mnYwPlON9QzQE8n6asJp1GpsA03JWzJz4WXsYWwiUrIAGq2IA6PmADWJ0s6yrTBOcLcIFT5uyftWgToFSZb/s1hnNj1+AbmCJsa2/obwZ7PsYkT9LuSlmzZ+F3UXXwSMZ1XEhtwN9QzQGEyjiAWZ0x4+FLglgrkmZP9efOwi59QEipaCcUAZbHhQYzpRZJuUNJRpo15Ob8s6XbTJvS+DgB6L0kPD7zEoffvzNw+Iun84YTlpM0Rc39HciousRQthtP4cFEjZIAsuqHeATpnlz1Z0u03kACLCOcQahY26FoYJf5EDNCThdPilFGDvwdnUYlqlg4dTeEr0v+L67FnOaV7AOhLp1PxOpI+E7ziOZGgsuNLuP/kBHrIBnJbeuUXSUjqDpKetONv7Gl3vQMUTx1xRk47o9+Ff+PZq6HYM0yYhYVVSjFATyrpzpIel7yMu/8RpR1G7Z4zxT7xbhLeAfwX6ASgnHhoM8SNcbzNEbxCbYWuKun1G/Bn6ZXfSDpm1GBXDrsdDzPfXe8AZWb3m5wyeAlj4vQzT2wpMz8v6SwhIQInUQ2lAGVR/CgE0K0fEgxOvqDqzX3v+GEDQk0jhIT9edEOAMp4/yQJLyqOmsdnmHmlEFvmMUkd36lh+kpbkhf+mDjsziHpszv8xp53NQJAjxeya2KXOllHNSDDefCxwG3LFqphfgpQ3p3LNqo9JR4ZgMlCI56KOtgSQDmR9iIJAG2BkNk2hG8CH4URpgEbpHtxt+Hqhu++XNK1kndrdkvUsBtOtisqEepybWLBHEBjj7ANjZgqsdUSwibm1CWVDXX5ruElB2gJ96TXJMkR3am3THOEE5R5xGEIEx8nGMHpNUIdZccmfokqFsfO1t6153MA5Zl5KK0dMVWcPoQU1ohxEMsjxQ3174cNAhQbk7zflK48JXiQgMCGt2R3Y57gIIJPsf2JxoBHfVO6WzAHYvng/e6ORgEojCdXljxdI5IGTjA5bEigXqI7ToH/J4SEhFNX5O/GfeYASuLES5KPl3iZUdexx1DzXjyls10/6qOlEzTHV8JMl53CJ++cTIfLZBrhLUc2rEG87vClhnCY4TMwwuZEhcWzj/YC4TUn3IOjrUsaCaBWOREL4rYhS2VJOMRMOdWWFtOacHMAxVnCyUf2ixGLEjUaJ0qOAOQLw0MWG5uPUQ8AJUn9uJNWslQsQOyTkxNCA/rwGpOT58h2DtSYJ+TpouISP641VyqHsbfNRwLokYOqGqfB4eonoyRH8WKvdeDEfeYASpuHTmrqfZIBkN42V5VizUwbmNs0WgconmfiyRBxUPwDc2Qpfqj9yAy1toZyALU+CL+9NWgg5gCs6b+JtiMBFIYShE5tjaXd2ZxLnHKoTLlslzVhLQEUNZXFQiWGEYkHZ8x0impomUiXDjWNcdPWAXr5Kff4LWHA5DLn7O1nBR8BJYGl6XtLckDFpU6WvGcyhki3tPVNbSyxZPJxu6LRAMqC+FoiAWzA681IBWESq0QNxVnBSbcpLQGUPilb44SOKZc/S9Ey1RicomZL9QRQtAV4iQ8AB1AurEFuMmCiQmcpxW9TmcBvNmBL9eNUP1/wjG/a5wF/bzSAwkBCGRRgG5Fmh83364S7BP6JM+IlpfICu2lTWgMogAN4Mc0tTEJDVm7FppI6mHi/9ROUeeGoofoGQMwR2gQqLZ7z+04JDQ/blPEr71HwECdJoOpi+3ZDIwKUnZMTKybc7oQsjJg3qhVev1fOxFBrBbgGUPozZ5T1TXUGqW6EeIxilZux0SallgB6ekmo4TFRaYMdSrII+bhzRGiL3FuIWlmyuGICvLvwvB4+OOniK2IwIUi674JGBCi7M/mdZN4YAUZCKFbbievf7uxhwX9gS2mVAHTOqUFyuC1UwMo4Gf9SelxLAG05kyjd9Ozf3MQxd/vFlktgb14fEaBwyuygmGuxw4UrOK4STjWC7dtSCUCxxzgtif8Z/Tyo19wCQcgAEJPOx+aS82o6QOukxeVxtgny5kdDwUFdLwep9agAJe6IZzauBbT7hUheIC+TShg8voBrWyoBKN9g96ZqJiaSGVC5GC+eyLWLxloCaMo3S/rArifslbtRz/wEeHvT4vZtZZG+T4rkY6L/XCsM3/X3t+pvVIDCFKtHNAZhz+EMoiCb6zhLM41KGFwKUE5rYrMxsaOjblORw0lKuMfiiHPfbhmgVBBRbMANg3FWVzoPq9OkoDuNEZfwu6YNso7vQ8Le5QbHLmhkgFI3mWanoO5QikZskjgc2Ue7oFKA8i1u30uvZUGdJTl+qXbSxtkyQKmhPftMemLM4ziRgQIHnHRrRJ4uV9Egv1pKtRa0FRxFXdDIAEUAVuNpwuCEMrU3TaHbRmA1AL3GVMj8qpmP4cAi64kkhiVqFaCYDKQv4jnFkxurlfF84kSMpUSG+B1CYMgODaiW7LI1e4/TNK0fru3zgLUfHaBUs3BSprRrR0ENQOdugWB8pKVx0dYatQrQWH3HS06a4hxZ/Jn7gnCYldRnUjiA6o+n224KXOMTz3G24dGPs7hIsE8vEyvp66C0GR2gOF3wnFJTGRPJ6FSJ7IpqAMo38Sqm6lrpzXytAjSu3EGNzSV+mG+gpqjerk/JJW/k5GjXxdhz7tPlXt1uaHSAIghKyfAuGnHbOzYoGUa7olqAprdArF2sFY+zVYDa7Q+UeMXVOymPDWyl9bq8b2mB3HkMSNdOXdY1zqf4EjJOUvwSXeXj7geAkoiNa93muhbG2AS0tQDlG/EtECW3pdu4WgWo1YAu3RqBfYqdWhvi4hZD5g1ReEDIjP8D7GhIhHNIG0QNvnBw/sV5zPxeDebDLu882mSdVL+zHwAKU7CHuGqEnZfrMO0muWqGhRcQPguGOlL++Lfd/UqIgQ3B/shNnfs5CrsFggXHmHKVNDxj7Fz+TDYUVTBxlhRDIoaKXcVCpFjgYPx4EqEhVNulWynw8NptiQDJfvJhTQ5cgL1knxNCm/thJW54xIvLSdplXeh+AShXcOCqL3XErC2Ykp8ftD6W7DEqVrCTlu5q5dfRaq/rPNA/P3is6OcYlu7+iX/3Br+A/WjSGr/xJVD5wnWoeH7ZtOArObY8wzMPAAEkJyqbAOAnYyz3UxJr32zi+X4BKF48rr5ADau577YJIfkg9i8H9gtA96+EfeZdc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc8AB2rX4fPCjc8ABOrqEfX5dc+B/N5OBY14s6loAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-23"><g><rect x="305" y="405" width="60" height="110" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 460px; margin-left: 306px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">VM  #N-2</div></div></div></foreignObject><image x="306" y="453.5" width="58" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOgAAABECAYAAACLd3ntAAAAAXNSR0IArs4c6QAADuxJREFUeF7tnQXM9LgRht8rM6uMV2ZmZu6VmZlVZroyXUFl7pWZmZmZmZmZKU/Pc7IsJ5nst8km0Yy0uvu/dZzx2K8H7d1HQSGBkMBsJbDPbDkLxkICIQEFQGMRhARmLIEA6IwnJ1gLCQRAYw2EBGYsgQDojCcnWAsJBEBjDYQEZiyBAOiMJydYCwkEQGMNhARmLIEA6IwnJ1gLCQRAYw2EBGYsgQDojCcnWAsJbAOgd5P0mIGivKik9zmeOa6knzra0eRkkr4n6VuSTt7zDG1OJem/zr49zc4u6VOOhoeX9DdHu7GbIFfk+6iGn3u1vCwf0wUlfShrd/1Gzi90MPlASQ92tLMmP5J0Akf7z0s6i6PdkCZHlnROSeeQdEZJp5R0IklHk3RYSX+U9HtJ35T0WUlvlPTBIS8Y2nYbAAUYl5N0pjSoc0k6ZMEIwvy6pG+kz5sk/dbB7GEkXUXSqbMPiwZCWB+T9IWmDf2/Mi38y0o6q6TTpA+TeOjKu2j3NgcP3iYvk3StSmMb+9ck8Xm5pP94Ox2p3bEk/TL1DdBe3PKem0h6bvru6JJ+l7UDRJfP5Mz814D1z0bO55H0GedY6JO+2ED5nLlRAEeU9I8ECpMjm+G7nH16m31R0hm8jVM71vUdJL1z4HOu5tsAaPkiFuA1iz8C4Le6OOpudF5JH0lN7ijpSY4+v9SA9/SVdm9uNN4VHM97mpw0ae5yY+LZMWTs4amrzcUkvTs1AABscjV6XKMx7izpB5JO0vPSq6dNstbsy422YWP9+waMv0rS1SR9PAF9gy7cj+RrBQ3Jpvv+pFz+lDQpmwcbMZtXvvHfV9LD3W9yNhxj8VwoDSpn4Q3N7refk6euZgdKuqGkP6fdGnOjj9oAihY7haTv9nXg+J6N4vYt7caQsYOlziZ3kvR4Sf/KtFPtATTUxRuzz7OZ5QBFu2Em5oQbdI8NGN8FQB8t6Z49vCKXtzSgxMozul6j9V+ywRhbHxlr8ZSmwr8loWXwLzYlTKyfSDpcA85nNf9/S2dHBtA/SDpK8cxjG7Df3dlPW7NjSPqhpCMk/+SoRcOxZLwXtjFb0QBoti6T7ueSjt34X49oTMz79LwwBygmLaA+ZvYMG+KFCz/WM4ZdAPSSTvMZ3/r+2SDw69n0/+IZmKfNWIvnNs3EPrVggMEQMNiUMLUwuSB8zM85OzKAYq5cQhL+l9FvJJ2w2S3/6uyr1owJYmxMCgu/1KRjyXgPLOuTScO9tIkJXLelI4AJQKHrJHOv6505QIlLnLvyzLeTT4kF5KWpAXo6SSgDj3V2nBTEzOcYc/w13sH1tRtr8RxJ0o8LjYX2w4/BrNqEvpoCEgSG8EW9ZADFPP5ZxXS5WRYI8fZp7dDm309a5ikNOH9V2YTGkvFQXq39IVKADY2PVkQ71ggt8o70BVoWbTsEoETUX9E8d43ioadJuu0A5qcG6KHSOvOySJCIYJYR66DN3fH2eXC7MRdPzS/bdHchLfOexDU+qCe8b4PMAfogSeziLFIjoosWGR4qwFtLYsFhwjNJ8FZaCWPKeCi/tIdPFhV0xUaTElGv0V0kHZCip0RR+zbWUoMCUKwVgI02zunSGfj7xjAlQNGIzCUbrZcIthF0M3ptE3S7qvfhvnZjLp7TNtHcrxQMEIq+VB9Tle8tMvzrFBwaEg3MAXpjSQSsWJg5nU/SRwfyBcgJ+ZMrI8VD5JoNYO4AzYFEXAALoEbPbwJoN0opLE++sQZQ+iVNVpp8xCLIM+ZpmzbxTwnQgUvg/83xtclSGBFYw/rYCo0JUBgsdxcKA1jQaDEvsfsShCFatkkksAQou3eZ/yQPSD5wCGENsHgg/K1PLASg+zd52AdIImhWBrTy8X+62czOlqwVLIM+agMozyHf0tfFCvL0O3eAsrETFDN6tSRksRUaG6D5IjaGh4KMKhf8JMBNhOw7A0deApQxY+KxURiRBKdi5BcD+sYXBpgfSNFJHp2TBsXE7MtdDhjuwU1v0QTWnl15sAugRLqZh+MVz2EKYhJ20dwBSvFNvpY8KRq33McGKA43CyWvMMG+J3LqMVPhj7K8fVOhQ25KeAdZApTnLA+Y93G/JvH8MGenlL0BTCj34wKgB8nEyi5zcVIUQmlcTlQzUURiVU018c8ZoKxvzHR8dKMrN1mG1zvXUW+zsQEKA5aGyJnpKi/L210mq0C6UmWCeweYdm4WAVFcfFCI2kqizEQyjfCL8MkIEvQRC40FR2SZvq2md04ARdOVJix1wFYXS9oJM7ZGWAZmpuFT53m9tzeVPeS5S+rSoNb2edkc2N/6gipzBiimbR67oNqI+uYhaaTOtTYFQGGYUrG8LIqia7RQH70uVSARyECLblLDWtOgvPeZDUhZxDl5oswEv4hMIrubN6bxc7IO5gTQNuBhmkNdgTHMNAo4yBPnxQZd8+UBKBsG84EFlVNXZH7OADX3y8ZC7v92fYt6yPdTABR+SIhfu2CsL7eGWQwwqW/tytf1jbcNoNSglsUOpHIo4eoiAHnTlFNF4+am+twBamkhNjqqqtp2evKfRCIJ8lHc4SEPQOmnFqTDTCSqW6s0mzNAqWGGbwgrgwMaBDS3RlMB9AKVYzlPTqcA2gZji32TAE7eZxtAaYMmP3/BACZrmR6yJgQ58KmJKNc2jbkD9BmpRJIgGYupjazEjzwoxwk95AUofdWsFzYFwFvSXAFKPIQUixG1u1geW6WpAArTHLviJIARpVRoydoujtYECJhCXeVoHmF0AZQStrK4uasS5JGpEglf48SVI3NzByipIM474n8y9hodP/nnfOeNFdB2CEA5d4kfW0aZqTCi8COnOQKUDZrTLpQFQlheWBybuGCda3hKgN6qcaCfXnDTFrLn5Av+J1QeFPaAMm/TBVD8Yvxj/GQjzpmycfDfnFhUtCXA9MQUCS55mTNA2fTYWChPxHfioHaNcs3Q54bkzw8BKM9RfUNSP1+DbNa4HnmefI4AJVVolgW8ElSjiGbrNCVACUUTOc0ji0QRy2NJDJKzo0Rw2WVzrbuJALoASn/liQT+Ri0lmjSnu0ri9AtRXm5sqFXgzBmggM2ir8iWaGyNMN1JN3HrAzXVnqg2/QwFKM8g47IuF7eDUy+mjTwAZT4owBhCjJEo/FCiYozKNoj1jALZxpHFKh9TAhQG0DwctM4Jkyu/KoTAi9XL1kyeoQLtAyjaEnOanJYRE2fmC39D01Ig0WdyzwmgBLLy43VsdBwxgx6SIrQ1WWL6cisGfigmfUmUa9YK5zcBKJs2rk95RQ3nRu0aHQ9Ay3SHZ414r93J+0LrcwaU608IaBFQpFBhNJoaoFxdwuLP30tUlHSFEVVDmGBtpuZQYfQBlP5sEeR9I3wr0L9Bk+Z5QfqSwvq26zvmBNA5VRJ1zRkaiFsL8jVBZBw5sxHMBaBodcBJ7pzNmuj2aJrTBDY1QHkvO3Aeuic8TWCCoBGaijA1pwqGHktqWwQegOanZayfPIFuAa6+NEwA9CDp1SqJukDK7Q5Ud+XEJohmJEjYd+XJ2BqUABAxEcBJao77rDi6ODrtAqCUQpX1l3a/EHe9EGGEyC8Brr2SB6C8g906N2vxvVhopF3sPqW+i8bmBNBSblzSRoALXw0+a5Snw0rXo28eNjFxrU8qnFj4+blKviM+gPz7ANrH216+p16YTYLILXlh/s1Bg0loFwAlmohpQHG6kV298d7mOs6LpJwpdxttg7wApQKE3GxOXALF7ozvQT+WlG7ja64AJSVkQa2uail8fgI3bE5ErYfcNLEXgCJPDuETIMrP6nIGFXMS4E5xaVg5rxR2sCZYs7g4uGLcUjgZ7QKgDI4b0B5ajJKUC3cNQRxNYtfaBnkByoIkKsd/jfCD7d/U8VLP20VzBSgF/ZyDhTgR1HbczwoZyiCZZx72ClDeYSWGtfdNDdA8ut9ldXhks3GbXQE0P+NpzFMxhBnBkS+0K//eBnkByrvYLWu1lAAXc7dv95wrQDmpQ+SWPCiR3bYLu+0IXVchQ9ucbAOgREfxPXNXw943FUDR4NTUkrdnvrmcjsPrO6FdAZTB1g7x8nfMSjTstmgIQFkYtRRCHvZfogblxgcAxMkLiuRrxMLEtyL1ce+WFEvX2LcBUPonL85GUd4xPAVA2SBYl7gBWE/8d5QLqb2Le5cAZaF8uGCU5DSnVtqu4fCOK283BKA8R6SWqK4RixYfznPL21w1qB0qxoTFr6pRflcRt7uTUhhC2wIo78T9KTfpsQGKK8M5TuaeHDAVVd7b8IfIaVDbXQIURqlnzO+74Zwl5z63SUMBWt4CMaRgfI4AJTWANkBDYr6X16GarHOAUZCBWT+EtglQXB2uBs2ryMYGKLlYC0xSOLMXJUFBzlZ+s2XXACUwxMkGo740xpAFY22HAjS/BQIfBI3uvXB7jgClTtTOgJJGKa0WkxM+Kr4qNaX53cFemW8ToLyTu48BpZ0jHhug3h9t8siDwpYXeRr2tdk1QNnd2anJzxFOJ8K4118csx9P4mA1H4qvAR2F2PZDRhy3Qnvbva+lnOwWiL6LrTDTScPYjzvxLsaSExsEUVE+u/jxJIIcmLbIFd7acnh222FfMYaNjeISbpVAxhxdY+x25xDX1DBe5MyHY1neX6nLZcdtDpazDYD2oXmk762KxBuI6WPD8/OD9NF1JpJKJk6ukKxv+2Eh+uB2wNoZxi4ep/75QStIp/SPSHQbYdLhaz8h/WBSn5y9Pz9IP56b6WvvY2MFmNwuGADtm5GRvudMIEXcXHQ9ypGdkfiObkMCo0tg1ybu6AOMF4QEliyBAOiSZy94X70EAqCrn+IY4JIlEABd8uwF76uXQAB09VMcA1yyBAKgS5694H31EgiArn6KY4BLlkAAdMmzF7yvXgIB0NVPcQxwyRIIgC559oL31UsgALr6KY4BLlkCAdAlz17wvnoJBEBXP8UxwCVLIAC65NkL3lcvgQDo6qc4BrhkCQRAlzx7wfvqJRAAXf0UxwCXLIEA6JJnL3hfvQQCoKuf4hjgkiUQAF3y7AXvq5dAAHT1UxwDXLIEAqBLnr3gffUSCICufopjgEuWwP8Aj7cLcomaurQAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-24"><g><rect x="375" y="405" width="60" height="110" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 460px; margin-left: 376px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">VM  #N-1</div></div></div></foreignObject><image x="376" y="453.5" width="58" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOgAAABECAYAAACLd3ntAAAAAXNSR0IArs4c6QAADYBJREFUeF7tnQWsJLkRhv8LMyvMzMzMzJwozKww44U5UZiZozAzM3OiMDMz+9O6oorl7rZnet/67VVJo3d743bb5fpd5QLPAQoKDgQHhuXAAcOOLAYWHAgOKAAaQhAcGJgDAdCBFyeGFhwIgIYMBAcG5kAAdODFiaEFBwKgIQPBgYE5EAAdeHFiaMGBAGjIQHBgYA4EQAdenBhacCAAGjIQHBiYAwHQgRcnhhYcWAOgd5X06E5WXkTS+xqeObaknzS0o8lJJH1X0jclnWzhGdqcUtJ/GvtuaXY2SZ9qaHhYSX9taLe3m8BX+PvINJ57TrzMz+kCkj7k2l0v8flFDYN8gKQDG9pZkx9KOl5D+89LOnNDuzWbHFLSbZLcMKePpPW+/Jqd1/paA6AA47KSzijpDJLOKengxctg5tclfSN/3iTpNw2TO5Skq0g6lfsgNNAfJH1M0hdSG/p/VRb8y0g6i6RT5w+LCGNLot3bGsbQ2uTlkq5VaWxz/5okPq+Q9O/WTvdSu2NI+kXuG6C9ZOI9N5b03PzdUSX91rUDRJdzfGb9a8D6R+LzuSV9pnEu9ElfbKB8zpQUwOEl/V3SZzMP4SOb4bsa+1yjGTL+2Dxf+nvzbgFoOXkE8JrF/2Ryb12BS+fJOxdd3UHSkxr6/FIC7+kq7dZk8Imz5i43Jl67xibYMM2uJheV9O78BABgk6vR4yTdSdL3JZ1o4Q1Xz5tkrdmXJbGx/q1rlHsav1rS1SR9PAN9gy62euQ0kuDDpYte1pSfyQHuDeG5oKT3F298Q9r9rrQVm/Y8/AJJN5D0p7xb/66hzymAosVOLuk7DX0sNWGjuN1Eo73B46XxLH1/R0mPl/RPp51qz6ChLtaoLTxA0W5nLzrkGHT3pYFVvt9XAD1aGssDJd1a0iEq49q1AGUuX0w73+ndpP4lCS3D+WJTwsT6saTDJHA+K/33LRo7MoD+Pu2ERyqeeUwC+90a+5lqxkL+QNLhkrZhwzhy0XBEgGK2Yr6i2fw6lXP8maRjSnp4MjHvvcAnD1BMWgT46O4ZNsQLFefYFtbvNEABI6AEnKwtyuD16f/BC6wJo10NUCb41IL7OAo4XG9KMAdTA+KM+bnGjgygnBEvLonzl9GvJR1f0l8a+6o1u192gvw5n9dKTToiQD+ZNdzLkk/guhNzB5gIJXSddPaCf3PkAYpf4lyVZ76Vz5QIfSvtNEBfmHnynmRhvTidh18j6Y+SShN+VwP0CJJ+VGgstB/nGMyqTeir+YCOY4izaCsZQDGPf5rAeI/iwZs6R0hrn9YObf69rGWekszcX1Y2odEAerDsYEPjoxXRjjW6hKR35C/QsmjbHoDiUX9leu4axUNPy57QVl7vNECZNzJTRg/2K4DC/Nq5jMM+O1IvEZZhR4M4g7a49+0dHqCYLeziCKkR3kXzDPeO61aSEDhMeDyOjK20EkYDKOPEow5dIWlSPOo1unP2WuI9xYu6tLGWGhSAYq0AbLSxp0s58C/xfKcBOjWe/Q6geL++Usz2nckLe8mlFal8b57hX2XnUI830AP0RpJwWCGYns4r6aOd4wLkuPtPkb2XeK7ZAEYHqBc0/AJYADV6fnKg3TCHsFrijTWA0i9hsnJTxhdBSM6HbabYHwDtFMye5rjycekbkRiAQKPFWondFycMMdFNPIElQNm9y/gncUDigT2ENYDwQJy3PrFLAPqgFIe9vyScZqVDy8//02kzO2u2VrAMlmgKoDwHf8uzLlZQS78B0CXOb/G9F2LrphdkZLlwTgLchEW+3TmeEqCYnJh4bBRGmHEnSGejn3f0zVkYYH4geyd5dCQNiom5FLvsmO7/mt48OdaeXXlwDqB4Q1mH4xTPXTU5jV67MIgA6Car1PgMLmsExWeY4EjBc9pipgIm0vJOmhMdSHjopRKgPG9xQN/XfVPG0UMbOyftDWBC/hwXAN3DE0u79OwkLe6NBX/JZiKJxLKaauwPgDYK5abNLAzhn59LL/PtyN6wDKQrVha4ZUw1gB4le5nxZBpxLuJMhsNniRA0BA7PMgJmOb0jARRNV5qw5AFbXixhE8zYGmEZoBEhztSEkIzenuPc5XNzGtTaPi9t2PgBPKFB0aRTFABdksYtvychm1Qxnw9L0jVaaIlelzOQcGSgRTfJYa0BlPc+M4EUIfbU4mXG+YVnEu1+s2QaP8d1MBJAp4CHaQ7NOcYelRM4iBP7ZIO59WoBKBsG64EF5WnOMx8AXULJCt8TEL920c9SbA2zGGCS3zoXr1sa3hRAyUEtkx0I5ZDaNkcA8iY5porG9ab66AC1sBAbHVlVUwkDxD+JB+LkI7mjhVoASj81Jx3eXLy6tUyzAGgL97dsc/4k+B8s+niypNvP9GvCvokDx3c7BVDaoMnPV4wBk7UMD1kTnBycqfEo1zaN0QH6jJwiiZOMap8pshQ/qjcoJ2yhVoDSV816YVMAvCUFQFu4v0Ibyq4oIzIibxUtWdvF0ZoAAVNoLh2tZVhzACWF7aVFJ2QETSW+PyJnIpH6dcJKydzoACUUdI6cgsfca3TcfD7nu1ZfAW17AHrEfI4tvczUWpL44SkA2iLlK7S5ZSoQfnrRz5TLnsoXzp9QWSjcO5Q5gHIu5nzMOdmIOlM2Dv56Qqhoi4PpidkTXI5lZICy6bGxkJ5I6IpC7RrhKSfPFFo6hvjnewDKc8THqZbxmVZs1hw9fJw8ANor8Ru2J12M/FzvWcSLWJYl0T2eWzy4VMV4rbvJq+cASn94NfE0e0KDokk93UUS1S94ebmxoZaBMzJAARv8hOAt3tgaYboTbuLWB3KqW7za9NMLUJ6Bx2hNTxw7qHoxh2ALQFkPEjB6iDnihW+l/S7VrzZxNA+F1p4wufxVITheLF+2ZvK0MtTaLQEUbYk57Wv+WLjTuhehaUmQWDK5RwIojixfXsdGR4kZ9OC0Dnhoa4Tpy60YnEMx6UsiXbOWOL8JQNm0OfqUV9RQN2rX6LQAlPK23lTN1mt3bP4HCYBydQnC780avKKEK4zIGsIEmzI11wYo/ZkQ+L7x5lqC/vVTmIcyJIjE+qnrO0YC6EiZRHNrxhGGAn8vE3jG4TMbQQC0V+K3bM8O7F33BMFxTOA0QlORd3us7CwozZ9NXr2kQenTV8vYO3wA3RxcS2GYAOge7tUyiebWjtsdyO7yxCaIZsRJuHTlSWjQTZAx8cyVK/mXdr8Ql25ZYTBxMcC1LbUAlHewW3uzlrMXgkbYxbKZli4aGwmgJd+4pA0HF2c1xlkjHw4rjx5L67CJiWt9kuFETJpSOE/4B+D/EkCXxrbG9wcJExdG4U3kHiCS043s6o33pus4L5xjptxttAa1AvS2qX6R2Kynh+VdHI8j/bBpzNGoACUkZE6tuWwpLBYcN2xOeK17bprYBqDwlCJ8HES+VpcaVM7+AHdfXRpm632QASgTvk9yyjykkHRCLtw1BFGahGmzBrUCFIHEy8xfI87B9m9ySLmVYTcClIR+6mAhKoKmyv0skaF0krWsw7YA5R2WYlh7XwC0ZRVWauNrPK1LMobI0KHkC+3Kv9egVoDyLjQomrQkgIu5yx2vuxGgVOrguSUOimd36sJuK6HjmDGVyDA1/zUAeujsgPNHDXtfAHQNNHT0USvi5XHMSjTsWtQDUASjFkLwbv/dCFAu9QZAhCJIkq8RpiVF3IQ+7jURYpmb+xoApX/i4mwU5R3DAdC1ENHYD4Ly4aItwWmqVqau4Wjs+v+a9QCUB/HU4tU1Qmg5w7XcwTvqGZQb/SlQx4QlYb5G/q4ibnd/Syez1wIor+X4U27SAdDOBVmjOVf5+/tuqLOk7nNN6gVoeQtET8L4iACl5pWzNBoS8728DtV47QFGQgZmfQ+tCVCOOlwN6rPIAqA9q7FSWxxDVDYYLYUxNnltL0D9LRCcOdHorRdujwhQiq+tBpQwSmm1GE85o3JW5WI2f3dwK8/XBCjv5O5jQGl1xAHQ1pVYsR27Ozs18Tnc6XgYt/3FMfvxJAqr+ZB8DehIxLYfMqLcCu1t976WU7JbIJYutsJMJ0huP+7Eu5iLJzYIvKJ89sWPJ3EDP6YtfGVsmOw1stsOl5Ix7FmSS7hVAh5Tusbc7c4hrqlhvvCZD8n3rb9S58fGbQ4Ws90pgBLuYT2ZC3PkLx82al9UQQiKuXHfM3Pzf8lzXuUX7Ea4s9WySFodMUv7Q8vPD9LHXE0kmUxUrhCsn/phIfrgdsBaDePcGHf65wctIZ3UPzzRU8S5n7P2E4qfOJhq3/rzgzzfcjN97T1srACT2wV3CqDmyV6Ss7nvezOpJvsaAaDUBJLEzUXXmFdBwYHgQObACACNxQgOBAcmOBAADdEIDgzMgQDowIsTQwsOBEBDBoIDA3MgADrw4sTQggMB0JCB4MDAHAiADrw4MbTgQAA0ZCA4MDAHAqADL04MLTgQAA0ZCA4MzIEA6MCLE0MLDgRAQwaCAwNzIAA68OLE0IIDAdCQgeDAwBwIgA68ODG04EAANGQgODAwBwKgAy9ODC04EAANGQgODMyBAOjAixNDCw4EQEMGggMDcyAAOvDixNCCAwHQkIHgwMAcCIAOvDgxtODAfwES7PhjUHFpWgAAAABJRU5ErkJggg=="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-25"><g><rect x="445" y="405" width="60" height="110" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 58px; height: 1px; padding-top: 460px; margin-left: 446px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: normal; overflow-wrap: normal;">VM  #N</div></div></div></foreignObject><image x="446" y="453.5" width="58" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAOgAAABECAYAAACLd3ntAAAAAXNSR0IArs4c6QAADPhJREFUeF7tnQXsLa0Rxc9Xd3d3d3d3d0vd3V2/uru7pammberu7u7u7u77SyGZUHaBvez/8ZqZ5ObJhYE9y4FhZuAeIBdHwBEYFoEDhu2Zd8wRcATkBPVB4AgMjIATdOCX411zBJygPgYcgYERcIIO/HK8a46AE9THgCMwMAJO0IFfjnfNEXCC+hhwBAZGwAk68MvxrjkCTlAfA47AwAg4QQd+Od41R2BEgt5V0qMbX82FJb2nos6xJP24ohxFTizpH5K+X1H+eVO5m1SUaylyF0mPKVT4qKRztSjdsCy4gu8jJd1zpp2zSvpE+O78kj5gyl1X0osr+vcASQ+qKBeL/EDScSvKf1bSmSrK7WmREQkKMS4j6QySTi/pHJIOmqACmF+V9LXweYOkX1cgdwhJV5Z0SvNh0CC/l/QRSZ+byqD/lZL+LekaoeypJJ1a0mky7fxZ0vEk/aqiDzVFDi7pW0GnLf8XSZ+R9JXw+Zikd9co3LjM0ST9PLQB0V4y096NJDGZIUeW9BtTDhJdVhI48+H954j19zApfarymdCJrlOEzxmnBeCwkv4m6dMGSyaOd1Tq3LNiIxI0ffiXB5LY/4fAb+6A0rklfSjoub2kJxd02oGYFr1bxYpX2+XrSXpRpvB7J0vhQrVK9rDcRSS9M7QHAZjkcvI4SXeS9D1JJyz072phkswV+6IkJta/rnjGV0m6qqSRrI/Zx9gfCHoBSQxMK6+bZr8rrng5aZUXTivV9SX9MczWv92BoKx4J5f0rw79YgVn1k9lVILeUdLjw5Ygrk45GFihLirpjZOpe7kGgrK6nS0pzzbo7iuwdoKuAK1U5fOSTmcK/VPSiSSxv1grmFg/knSoiZzPnv5+8wpFdgX9naQjJHUYdAy+XeRSxjpgwjiiUTYqQTFbMV9Z2ex7SnH4qaRjSHr4ZGLeu4Gg7LPB9aimDhPhBZN9bA3uTtAalBrL3Gp6sU9L6uAowGGwVjC1MLmQM4e9XUmXJehTJN02qYDZjfm9i2AqYjKyv2RvyyCMMipBPx5WuJdOPoHrzDw8xISgyLWnfebLGgiKX+KcmTrflIRJjQVUK07QWqQayh1O0g+TFYvVj30MntY18uXgjMAxxF60RixBWTFuGQZOrItTCWfEN2qUZcpYL+fVwwQwOkEPEhxshwmrIqtjTi4u6W3hC1ZZVtslsXtQCPqdyUH3iqkeuFh5uqRbN+DtBG0Aq6UoDpx0xWKz/+oWJaEsYZl3hb+zB61x71M8JSimdurMYVUmRLJGWFWuKYmVAaLTx9EJSj/xqCOXn1ZSPOo5ubOkxwbvKfvU0sSaIyj4Q2xWYyuXNOQv4e4ELSG08ntCHF9K6r598sJeYoW+6Bn+ZXAO1XoDU4Ji0hEnPbrpA+EeQi5/auwXe2pWXkJKtwkmPbHd0QlqicQzfHfmuV8g6QYhhFUTb8wRFNWEydJJGV8EITkbtpmD3wnaODBbisf9WayDSYnnlBWnVph9IRUx0VZPYEpQBh0mXRqYv9lE0ufUdiiUixYCk8YJAsH3B4I+cPJc318STjPr0Eof/5OSzhKsFayWkswRlHrEWdO9LlZQjV4naAn5Hb7HpAVgK60kg0yQCnKfLCQE1HYpR1D2wUwQNpmCZAIcT7VylDBpsI+zzq+RCMoesBS7rH1eW25uMlsiKHh9QdKxkwavMjmNXlPohBN0zVuqrHOw4CywGSa/CCZljZlK3Bcz8iQhlNHqcc0RlK6/NhOXPZ+kD1Y+1/0CMckUYvWMWTlO0P8CGJ1EFk5CWq9P8AW30xr8cvA7QSsH5dpicTDb+kvpZbacjTFeIfOCS32aI6j1UEYdSyEH2w5xWPZtmN7PmEIRhJSijERQVrrUhD20yYvFwYUZmxNCJKyICKExuz9/65TZQ5w7laUVNJZ9/jRh3zCpyArKSjonTtDSKN/xexKySRUjXzUKSdckX5ckrnQQglW0NetnjqCszOTH4tGMQs4oq+FPCp0iVEOogL6Qg/p1U34kgs4RjzAVch5JH5551kdNsUpSIclVtskGS9DUEJQJA1MXp5yVJc+8E7TEkg7fszpdK9FTiq1hFkNM9opksczF65a6N0dQ6txB0hOSyjhPHrygkBgixMbRlZv5RyeonVzIqppLGCD+iZWBk+9ile+/hqCoIsTylkQn3ly8urlMMydo5QvYpRj7u/cnCsjsud2C0gODecUphuNPwe2frejAEkGZzUmmIMYXhX8TepiL+Vmn13lN4n6sPzpBnxlSJImDsvrPSUzxIw7KccIaqSUoup41YY8JboVJAfKm4gStQb9DmTShnLxVVsncLM6qiRcSU6h2b5jr4hJBKR8HrK1L5kvqeY7fYx6yP+NEDQRNZXSCko549pCCR/peTo4TJi6+q/UVULaFoIcP+9jUy0yGEdsHK07QDuSrUXGL4FSxZedc9px8Yf+JpAeFa9qKZUoE5QQKE4eVufxZ+vG+UJDge+yfrTsyQZn0/hAOGxC64qB2TvCUxwMEpW2Ird9CUOqRv8xpGXtCi8maXF0bJ3eCtoz4HcpiSmJCWs8iXsT0WBJNkMSOBxdvYe4YV203SgRFD6RLHVa5gUmIgFABh87Jkso5rEYmKM8Uva9gizc2J+z3HzolcxBCIqea9MgaaSUoOp+aycvFgUg2VsTXCVqDfqcyT5w8gxy0toLJFa/V4P/ZAzKD4pDJmTwtXakhKLm06UmNNHwCIckpZbbHEmAPlZORCHrj5LACEx0HBhAcYXO3SWD6cisG+9BHZB6SdM1c4vwagjJpY8GcNGmHc6PxGh0naMuI37EsV5dwKsWaNc+dvHc3NXpjKh5XmrBH5c+1UkNQwj+EgQgHRcEUpG3S4RD6yIDHUcW+idVldIKOlEm09P6wXthW2DFBEgsnhZgInKBrR//KeszA1nVPEBzHBE4jyELe7TGDs6DlWFKuOzUEpV7MT7U6CMM8KaSnMdjJBS6FYUZaQfcXgoI5tztwy4MV7jDi4DdOQr/yZCXZ1lS7Uib/Mt4vZM1N4mIEtXeRWoIyQRBzJTUxCqEITFtW9HuEbBoSGUiOn5ORCJr2kVM7RwqTESGsnNhwWLr1KL2HNSZu1EmGE/nQNnGE78hzJhXQCVpCv+P3eBO/HWKbUW28eoMb77hki5gpdxvtKrUEpR1uBYzpbbFdBgbmLQO7FLelzqgEZWKJx8qWzuRiseC4wTFEKIQbImplF4LSBofwcRDhe4hCPJq7oyCuXxpW+yY6lLvPtFo9JNFDyIW7hhCOJmHa7CotBGViSK/EZP/LQGXAMkgYLEsyKkE5mM3FbQgnguaO+8W4MH6C3HWlS8++K0HRHVMMc+04QXdlQ0N9e8YzViNjiH0ejhgyh/j3rtJCUNrCpMakSoXVlft2SzIqQe8bPLc4v0jx4+heTmIiBl7tuUSGOQx6EPSQkth75iYHJ2hp9HX+PneIlyYeJokVtoe0EjR32Rn9IHuILJySjErQaL6THE+SfE4wLfFaE/q410yIZen5exAU/cTFmSjSy8+doKXR1/l7Bkp6/pLgNKdW5q7haO1CK0Fzl5213Mw3KkFJriDBHxOWhPmc2LuKuN39TY1g9yIozbL9SSdpJ2jjC+lRnKv87X03ZOtw7rOXtBKUdtPLzpYu1kr7OSJBufWBvTQrZLw7KYevJRg50GR9tUhPgrLV4WpQm0XmBG15G53K4hiyWTmXzhxF2qWpNQS1l53hLGFPOrdn2x8Iinkez4Au3RpBdhF7VcJI4NYqPQlK21xBAynjOWInaOsb6VCe2Z2ZmjAGHlI8jLVkyDWPk4HTKJCM41SQi+wlBOcTv0ESf8QJ0zVNlI8642Vn/AJa/PGgXHuELGgr/rgTMz59iEJGDG1AdD774seTuIEf0xZcwTlmR6XPg5cXa4GrQ/m5h5IQOyY3OWJNknu8c4hranhesOZD8n3tr9TZdrnNIcZsnaClN7LR9zGLxOZfrm0K06zm5wfRv7Qf4woO4oHkBS/dnUTKnyVkqd/7YpDFhHQyi7graE7Y9xMv5RA7t/iXpPbnB9FTczN9rj0SR8CM2wX3BXYlDP7n+/3hx5NaH4rcVpK42fstZem06vXyjsCeI/D/SNA9B9EbdAS2QsAJuhWyrtcR6ICAE7QDiK7CEdgKASfoVsi6XkegAwJO0A4gugpHYCsEnKBbIet6HYEOCDhBO4DoKhyBrRBwgm6FrOt1BDog4ATtAKKrcAS2QsAJuhWyrtcR6ICAE7QDiK7CEdgKASfoVsi6XkegAwJO0A4gugpHYCsEnKBbIet6HYEOCDhBO4DoKhyBrRBwgm6FrOt1BDog4ATtAKKrcAS2QsAJuhWyrtcR6ICAE7QDiK7CEdgKASfoVsi6XkegAwJO0A4gugpHYCsEnKBbIet6HYEOCDhBO4DoKhyBrRD4D0kLvGMOx5n2AAAAAElFTkSuQmCC"/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-27"><g><rect x="270" y="435" width="40" height="40" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 455px; margin-left: 290px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;"><font style="font-size: 21px;">...</font></div></div></div></foreignObject><image x="282" y="443" width="16" height="28" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAEAAAABwCAYAAACuE3ZzAAAAAXNSR0IArs4c6QAAAgJJREFUeF7tlk1OVFEQhT9cBBjDhBFT4kgnhhUQF4JLIMS4A38WoitQScARYcrICSHAItS+hmG/1/eZVLyV+nrU6T59UufUOV1vi+KvreL60QATUNwBK1A8AP4JWgErUNwBK1A8AF4BK2AFijtgBYoHwCtgBaxAcQesQPEAeAWsgBUo7oAVKB4Ar4AVsALFHbACxQPgFbACVqC4A1ageAC8AlbAChR3wAoUD4BXwApYgeIOWIHiAfAKWAErUNwBK1A8AF4BK2AFijtgBRYE4AnwawG+B/rfOTcl4BnwFjgCtoEH4AtwCtz2KFyDGYpzzoB94CvwdI2Iu9V3h8D1QhOG45wyoH1+CRzMCLxapeH5Kg2/O00YknPKgFfAtw5hDXfWgWuQITmnDHgDvO8Q1nAfO3ANMiTnlAHHwIcOYQ33qQPXIENyThnwEjjvENZwPzpwDTIk59wVuABezIhrwpuoJa/hOOcM2AO+A7trFN48/qn9XKIeGI5z04NQe/g5AV4DO8A98Bl49/h+of6/8KE4NxnwLwJT/UYDUq0rYFgTEGBqKkoTkGpdAcOagABTU1GagFTrChjWBASYmorSBKRaV8CwJiDA1FSUJiDVugKGNQEBpqaiNAGp1hUwrAkIMDUVpQlIta6AYU1AgKmpKE1AqnUFDGsCAkxNRWkCUq0rYNg/x79UcVOUENMAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-29"><g><rect x="200" y="555" width="180" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 570px; margin-left: 290px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;">Provisioned (Workload) Cluster</div></div></div></foreignObject><image x="213.5" y="563.5" width="153" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAmQAAABECAYAAAAvIimjAAAAAXNSR0IArs4c6QAAIABJREFUeF7t3QXUdk1XF/DB7hZbsAPF7kLsLuxuVFTsLjBBUURREQMBFbEbxe7AbrG7C1vR6/dx9vr2N+vEzNX3c++91rPe532uc87M7JnZ8985b9eKigPFgeJAcaA4UBwoDhQHHsqBt3to69V4caA4UBwoDhQHigPFgeJAK0BWi6A4UBwoDhQHigPFgeLAgzlQgOzBE1DNFweKA8WB4kBxoDhQHChAVmugOFAcKA4UB4oDxYHiwIM5UIDswRNQzRcHigPFgeJAcaA4UBwoQFZroDhQHCgOFAeKA8WB4sCDOVCA7METUM0XB4oDxYHiQHGgOFAcKEBWa6A4UBwoDhQHigPFgeLAgzlQgOzBE1DNvxoOfOvW2jtvjPZ/tdZ+5qvhRA20OHB9DnzZ1to33/nsB7XW/vn1m60vFgeux4ECZNfjZX2pOLDHgR/XWnv31trnXXnov7bWPs2d2fclW2tfv7X28+7c7pvc3Lu11j5yY4B/ubX2pS8c/Ddsrf2enW9819bah13Yxkt9HW9+/mn8X7C19klWBvEVWmt/vvt3a58i9O9e6qAn+v2zW2s/Zuf5z9Na+6cT36tHb8CBAmQ3YGp9sjiww4FPezq036m19tGttU+9PHdPQPapWms/q7X2g1prv7O19i1rtq7GAXP7VVtrX6q19uVaa98uffkagOyTt9a+RGvti7bWvsgyd4B10GsGZMGDT7bw5pe11r5K4s0aIPu41tr/bK39qJOi9Cuvtgqe80OfobVmrVg31s93b619ltTVAmRPMG8ByD64tfa9J/rzf1pr/6W19p9PE/sPWmuEzZ84CaHf0Vr7HxPfee2PfqflcPyUrbVf3Fr7aXdmyKPbv/Nwn6q5/3jS6D/9nQHZV2qtfWhr7Qu11v5ha+17ttb+8ALMvskEd77Z8s7EK8OPZr7svcTiSOt/VnLY/ZsrA7J+rL3VowDZWzn0W1tr3+IAkP3QxUJGSXF2fZ/W2r9+8IJyJnO/vmtr7csse/VztdY+XWvNOeHsdcYCk/r6r5a9/LGttb9zAul/qbX2jwfG8KdP1lbyIKgA2QDTbv1IADKm9K+1oOcvvGh3EPUsAWh89T/1pHXQ+ou2OcBKAsh+4vTId2itfcSdmPbo9u80zKdt5t6ADPj6pacDiAXh97bWvv2iUGHQ1zy5c75pa+2rLVaFbDn/b4uQ//uttfjzuzuwcU0mA3sA4zsufz7fYhXShr780ZOr9U8u+8QB9KxUgOyxMzMCyPSQHATGrDNARhwauXxv+oyttR+ygMLPvdH4fzop7fYmS+yed+vft9YoWEDXFhUgu/cMD7S3Nam/aHFpxCdYw6B2xD8PrX+2JSaCFsI8n8nC5tP/mwN9eK2PfP/lgMzj/yUnrecH3okhj27/TsN82mbuCch+crK+/ubFlfZ/Nzjzh05Ws3dJv4krEff2/87k5PdbQB5AeA5RFFnx0E9vrf2kcz7ygHcKkD2A6anJUUDmlc/RWvtjJ+vxF1gMCd94Af73GgGZ/zNaa9kIYt8Zw+9rrX3MogD976VDn+hk+Picy/nLyvWtFmCZ+wuQUZy2qADZvWZ3op1RQAaZ71nMvt5Jw/iQZWFH8zJaLJYKFFyfkK+xsulpSB8wMX+XPPro9i/p+5vw7r0A2Y9d3OJ4JqiZFUxW5xZJPKAYZPIOq9Q59HeXQGtWL26VWXr/xXLgPVmqf3X2Aw96vgDZgxi/NDsDyLwiGeAvLNYn7kAJL3/qxkP4FCdr8Ie31mRgB/EyAWfWvfi2URK3SPECzpzrYkN/287LBchGOXvH564FyHTZgrCA+bmDft3Jry1OqWidAzJ8HJjm4bcsbqTQgu7Bs0e3f48xPmsb9wBk3H+EsvUFhHHPHIGiz9pa+xedK/0XtNZ+2BmMzNat914OjNnP/KPFQve3Tm7KLzb78gOfL0D2QOYv1qWjGLK+h9+rtfYrln/8l4vn51alMj5pa+13nWKvGTOCxIT5/79yAeu49Cnb3/bk6v+NrxiQCc34J4uXLlv8L2Dt7V+9JiDTW4HpvcuNGVjsSdE6B1geZU8JznwEPbr9R4z5Gdq8NSATUiBkQGwK+sAuDGGPB9wk+aA41235a1prAs2RJILPP+n6/PKnWJg/t7x/LqB71FwXIHsU5z+h3VkLmXe4Av9aAv5/8OTK/Do3GgZPyHukb//3U6KM9f43LmwvzuDv3Fr7tTvfetMtZGJkf31r7Y90IRgXsve2r18bkH31xRefe/2DT+m1YtKKigPFgbdy4D+kMIBblL3gCgnrtKwsitGoti/jWuZ1plm3pThTljYZbEE0VQJylLhufvzysJR9h+VLoQJkj50pHodc0mWt7MVaD5UqyYlV32MJx7nmaCTRiIvM56/YSDGSl9IPWJSvo36/6YAMmP7arx2Q8YnLhMoLjZas5klRcaA48FYO/NtTvOBnXv732oBMrJX091zW5vtOMJ9VjcWWWyVITMt7TnxDML9aUJl+1SmTjVtolFgLuClZ+r746EtP8lwBssdOBHfdt0ldGAVk9szfW7IuvS5BTXzZNUNJhPZ85dS3f7ZYj/diO0e5GUYR+71XqvI33mRAplKEEAdz+aotZCZcUKK03CAp9t9odDXVc8WBV8IB1irZXejagIyr4jsmPh5lXK2xXHyLbLMgh4ZaRaPZln/mlOX1FbsPy9b+7IvSdjTNClgSqkh9PqV0XhIVIHvsbPV7YBSQ6bWK/1n5kCH8q680HIlufTkKNwb8yCt9HwgRAgNAbmVSa+pNBmQ/91Qn9Ucs/Hz1gIxm/fZpcQkyFNx7DgnMY95VJ01V8RDQW98i7Gke2md9kKXCEiHTSyyKonpvCqmbY3NLf+YWEoMgKJRGpz4Td9E9yJU/KmI7rPGcQHAVibgjmXkO4WsS15txK5ZI4AhSV6rh3HZYYJR0sWZYeLkSFTumxVIuziHrFk/MkYOZpUn/xI3pr3UMsNDk0DUBmZhAAcmEMpIxpg8zGVve+24rrppRt6XkgS334mjxUoVf435P3xuJrbn3/t+TTy8FkN1q/7KyulWA0uHv/gDz9pe5JI9n12TsRTKGFdj38dkYrHP7VRKI/fVTTi56VtqgGUDGtU6mBP3xJVD+HFnQv9PHjvld7JjSFvekZwVk5tZ5ryhulp1kGrnsbFP1YYsYg8Ssxy0E5wIy5b0olBRDiU6xdsk1c3VNi6nzx3nxsdeOIcMk8SpxGPh/vvxI6927iy3HiDjcf/ji6oygZOm8AjV7Ulj1uyyIOF8j0j9nw6rBJDh4LdOs34R7m8MB24O7tXIB+RuxMPZuReD/V7xzj2TQ/JzuWpC15wFRh2p/992l7UdbQPZPWAIms2sr9wWPAHI8j1pSa30F3gCsnqwB2irgIiZCTNQ7rDwH6MhW7V1kW3zUXyZ9d7ut3S3pPWDvN53+wjIzWk9PPz0vuyvHTq31wwaP/XdNQJYzxbQry/Kc65HEgAH4eS+Pui3fb8nK/PhFUYgrovTn9y8lBQ6W+VsObAfVX0+FYdfeudb+9+1ryqcZQMY68r47DNnKmLukUv8192/uOsBBVq/t5/wcYGY9ucZr1FVH2bBnWawkrexR3l+emwFk1pTiqvYA8i3KFbB3KTl7KJVBziXtjFqeL20/3h8BZHtnBaANJGUCjPcU46PSN25KEDOK13tkHsxnvgnj6y4JRLDG0b3AlOHsMs5tfablXBNHGzep9H0xRmcNhdE6zkSpZxxZoxxPTybCDM78WA/vf21AxkICCGSS9RHZJEpiuOuNhUMWBC0nCCBSY4h7wmGZDwLPrAEyGrEqywQ3sqhd4eTwN1k2MPT5DRbrh2eABPW++lpLgYhdWQFoYGzQ314u7ZWO7I+MsZ5oy6wtYl1o9DR8WTsKDiobQMtywEWfaAB4YGEFHQEyGawSJGLegDxWKNYwmgGNkXsqBMmaNeKS9vUTmLEYc6FP/FGEUJqxeQNMlFzId6Ux+dNY1zQLGpH5Vy0+ZzUBRIQ1PuHlEdlER3fS6RN3XLjTrAfW1z+7bCRzqL18rZGMpb2aPvrlGham8rjYGBixDmlTLIbWPpDGokngEAgxpmsCMplF+h/EUvBeR4zb+L3PVBtxW1ofnqNVAl/WRI4bwxegeq8+IYUsrn/Z6/819z8WXFM+zQAyB4gDhQJFziGhHvivNpbK8Wug5RxAdov9m5dPPuiBD/LZAcpzogK9oPks84zRIXoESCiinnVgBrFWCN4GDIzL/nIGyeZ1JoQc9PwMIPN8lI+ItoCFKIlx5nZ6y57or2bCr3zn5rnfnn1vBJDhn6Lv/rjvM3u+1gCZPrhhw/nnj/tys8K7BcgAYLHmkYQUyrD5ZQ2zl8yfPRLyNV/1tAeC1viyBcisGWdDjBPYYsRh0dVHMptyG3KbJU5Yh/Mvk77COEK1ctgHZV3iBvwBH1gPma4OyIABh1smG/AjV7iic4RtEOBmY0ZcjYOblhKaUA/IbDxadKBpC11ba1lcFoWYAi6XIAvMAbpGv3y5wiJ+czjY5Hs++fwdRQU/avkHk2gBrNFPXKxH8dseIAMgbKIAYw45QdI9sSgCR9o9cg/NtK8dbROKrhdBDleLS0mFXqASjiwlbgQIsja8uyV8eysllwYLCaDuv8A+cGMDCl4lJHPdO+uFZr51n6r3rBnAFQEONkxf9wdo4rIIlyKNB/+33HC5+KrvsqgBRXtFTG9V9sLhlK0H77ZY+jaW4O4/i0PrU+eP3Jb2MCCNvI/HDrdMR/dQWlOsJ4iCs2ahvOX+1+6l8mkGkGnPePDJeH/DcjgdyZtZQHbr/WsccdBvXQPnYDO+XAz1aI2SCyz9oSQ7pClfsc7WFvE5ZS/yd8g08jjow1IJl3P2kncomx/dvcwKNZNwc27b/XsjgCy/o6h0vpFnC5DldygVjCFBW4DMWfw+y0OsT2T7Wi02yjIDBKPC1t2bEjCEKAWNuixduO5sCOsaZZplujcwCaGyFsMDQjYBYGtXRfbn2W9fYmjDGOD8BPq0yZBxdUBmoxlEkIPMAdmb9dYEnmdZIQAZTJfpQiDRsiHjHpABeTYycsDToFjHtgjax/A4ZFlGWOuizlF+j1B0+GYL4pHQyO+HMNgzjXp+BhARPiHEjtw+sotkGV0bkNF4cgkTlsSI89niu+LAhHOQAqMshmvUL2ClG7ijt8j8sUBm6xl3oYW/RjnY02agmbKMrRHgwaoZRHNiwevJ5rJe407S0YKStwBkLEZ97CBNbWuMO6x9y0/M6izNGfQeuS0jGcCeJ7SB6t5Nc1TkNa5vsge3whBuuf+NvQdks/JpBpCxbv+BRbAL8aBYjsS7zgKyW+9ffHPQs5JQauyxNbJnspJKVuVzI7/DUk2xcQAj3+RaJgP36FJAlmMYtaMP2aNztHfWfudV6C34j7oO7FkAGdlNZoa16OhMiRi8awIyfRAzHEBJwhXwtxVDrI+5RMmWcac/z+AUso3VmPIFzJEr8b2rAjIxCYRKvixbrBPrwRr1Ao87i2WqJ5YezMqArM9UMcCw2uxtlAAq8YwCmBnB53ehYBs/yMEPHR8RszyXJj4cFeebAWQsQ2GuF3cR9ZnW+sN8b7I9AyRv0Uz7DmXWjojpY5HketqyRkWbADlwHS5oQMS/KY/S0ywg836fTWVdcXv3pN82WmjZrIgsunsU1/54xmYyXi64TL1rY2sd9+3cApCpu8OFk8l6NG/nUgY+vrHntnQIsyZb+zlUId+lGf3YAoqADAHtG94Tf9jTPfb/JfJJf0cBmX1B1pg7coyMGg0YngFk99i/xk3mmz+xn1vUu5j2yppwt+f7S+13cvWILgVklFlutCAuYwrKCFDe6ltvSfecmLiwDh2N6Zq/Pwsgo3Bla5jz2Lm8RZ53FjOarNVVPMdCxktCkQz60Qcxnc6vHHJB4WT966k/z7bWLguZhIUPv1YMmareGssxQ1xMLBhbKLMXeHt1U6SwMn/6JhKPlGub+XvePFuTyf8csWWeccjKosgmznjXmPqFIe5Lfac9coAAOiwVDvA94ToKiCD47L64lpl7tH3jFVSfXaQzNaW4KjP42YrHOAeQRSHEmJMMBPI8iWPM94SKx+vjCPt5/dDOQifGgcUviBaVs/+sdZreSJDyLQBZH9Cvn5GBe7BsN39mGe5DDrgU1qzRFADFXBH3hvgnxGIi3iLLm615ymPgRujjM+61/y+RT/o4AsiATpZvVl2gjNI5k3k4A8jusX9n1hhgE8o7WQnM90Reiz/Lv7Fq92Uj1tq9FJCthd8IfekVspkx9+DSuyNyaKaN0WefBZCJ2WbICeIR4Rk5l84BZH3Nuq0widwn64CyG2SN9t6JmfNMbNrHnwPIgAPuPyiRpuqQ6q+X4JLgZtzTzGcEXj85rDM5IE58F4Q5QoL0InDW83s3CUDu2WUCCOZg9r49likChKtmS7vP78wAInETEaTq7/p1iXDQj5n2e0vJVgzb2hzkmCC/O4TC3Zyfn1nA8V4vOAXeAnw99ZuOtZOmtUcBruOZ3jLZuzWsrVyMcu/btwBkGRBp26G3lQE7slc8w7Jiv+XMpS23pZR0mqIgdIkamcINGf8m3s8+6cFrgHd7z/24a3SP/X+JfNLnI0BG9pInAvnFFUmCObI297yYAWT32L+jayrWZgAyAf/c7T0BX/lSe/E84iO3XKH5/UsBmRCYPvZxNjGgH0++eSJ+OyrgOsPTmWefBZAxcoTipv/CKxhyjuInt8Z6DiDLRboZUMi8o/adHRTToDXL3vR5NgrIRieaP5TVwUG/lfoZ3zpX4AFfXGBBowyM58U8OUiDWEEIxTXqff60V77rnG6b3xMHwUXoOdpUn1HTtzEDiCKWLr7BNQQUZe1idJ7iuZn2tRdxHN4fATTRTk5y8G+A5Fq5iekFvFKqYAuQAewsNUEC+8PiusU37gSHXpCSJDnQtwf3+BkWoqO5uAUg6wtaaiNczEf92fs9X8PkuTW3Zb5IXMbpL+w+2Fto/Ay84mEQ0Ec4cuNt8fJe+/9c+RRjOQJk4ijxSfAwl8mRvFybnxlAdo/9O7PGsoVsC5D1ihzgmu9Y3WvvUkBGofiLXQPmqS8jNDNmrtc+4zlK+8x85xrPPgsg4752TuZi8oCwpI218lRHY58FZLxYuWoC+dNnP6612Yc0rSWxTJ9n1wBkhLPAeLErMlHWAvjXBnSuwJNKKv4niKBZq021NXE0kg9KP0LkLH1r5GBg8cpZa3t3joUVYPS6qBlAJKBcjElPXKhACAtQXxfmaPGOtk9j6GO+ZqySrCasJ5nWXGnTC3gQkLHqOgDyerfxjrQgfcyCos+0yjFmxiazci9mL4//FoAMYMxZraPC5WidiM/sy370bssPWRQbFi/mezGPmYAt6zPXJJN8wV0XFBcC+3/JN2uhBPfa/+fKpxjLHiDL355x/ffzNArI7rV/o39KALEwcVtTvMS+kqU5vtiaiv24Bcj6bHfKPhffCF0KyChsfZZ0r0CM9CM/0ydV+O1Rt1A8CyDDg5xsFfxiBQV6nKWs5msxx2v8nwVkfdytdrcMLrk9mZ65NNdaGM70eTYKyKSiqucV5CDzb1xnowGoPfPOFXhcpNnHPHvPXZ/KL0ZFrMoW9VrNVmyYb0R6/mjl5VFAFH3rBXDuszkBCAl44Gwkjmm0fQds734GUo8sgNE/rqk+AHMtbXp6AQ8CMptnVFHYE7J91mdOtPAeN/2oxfIWgMzcs0QFbcXmzB4kBI9DMxdKzG5LoBXYAmC5xmQJrlGAtviN7BD6EAIwaqituTzjnXvt/3PlU/RzC5AJkeithyzIR1mDa/wcBWT32r/c4wKixfzOWGa3AFnOLDf+mYzESwFZlufB+6MkraN9xS3dZ4DLWrcm7k3PBMgoDIws5P8aKSlhPhke8g0Ka8/OAjKxWzKbL6U11/P0eTYKyAAvh9o16VyBxwKQq9kzK2eweNRHGnmu+O8gidpna+8SrKxwOfV/bWMSsjaWYOfsW97rzyggyt/gXiWYsvuwbwN4Ul5irf5bfna0/XyvYLzvcB69WsizAEimtYDt6QU8CMgEX/bxdiN1dI7WEkARhQo9K/ZBRvAI3QKQ9YAHCD6qmD7SV8/0iTTZbZkvEmfBkoCzRn0Ar2fCvQn0AWbA3V7q+732/7nyKca9BsjcWWiOJBPlUi1cJiwya7WM9uZnFJDdY/8CYw5VSkkQizILh3hAClFWEkdcllyUOT5ZjKQ4zhG6FJCtWfXJXiEu55KQiT7WeTR7/9w2t957JkCmj/a/uGtu6r1K+zxaZMBWct0sIJNEkOf0yEAzMw/T59lLBGR9LMpsfZiI8wrGEoZHVzWoTJ/vRevri7EMOPwAjxm31Sgg6hcBEMCFydonqD27gfKzrmRxCGzRaPtrgkQhS4HZI7RWodo3+6tIphfwICBba5+bO6rBj4xh7Zl8qPj90YCsd/GwYB5dMTM69t5V6L1wW4ZwlwqOr1tB1+SNAymHGAjo5drKyRl7V6zca/9fG5DxKFDqxIoZK2CW5Q6FDjidoVFAdo/925d0OCrnMALIWJuB+KB7AjKZdn2M6Yxs35pH50Q2AFgXzo2jmwpm1sXIs88GyKLPeCEeC6/FKWc3dzzDfUke9UkXfp8FZD0eIJ+E41yDps+zlwjIehOjAH+TMEpKZND2gyBtmR57xJqjvEHmV67AH3FpDiRCdrRWzSgg2uuboEj10gSbC3jNfXQwio9TZXmNRttfc/ltFeZba6cPnPSMb/aXxE4v4EFARvvqM9hk8K1Vgx5dR57LVi7/P+N6uoWFjPtDnEoQwAw4X4NYQFiT89U13JbiMePgktBgTe1Rn7nqWRnD77kE8h5ZvO+1/68NyIxTso+DhNulL6tjrwK4oxZW3xsFZLfev2QOORwAkyufm3QvbGIEkPVWLglZrKcjdKmFjHzorTDW3tEVakd96+M8PT8a4nL07ZnfnxWQ5TGwMsvGJ9PidpX4XTgGxa23Ks8CMtmR2aLPkptl3AxP+2enz7OXCMj6opCzmWT5mgYMNBmE5BFFBfJ4Tj2quHuLlg/UzWhwvjMKiI76Fr/TKASVZ6vI3pUfo+1zr9Dk8oXZspDE+oyQdPFcLZ6Gwyzda4XTC3gQkOmj/mdTOCtFTg4ZGUf/jNpa2crBesPyMUK3AGR9Wj0+b1lPR/rYP9Nb4LgtrTfucXNJQOYM6LU2eoHpGdmhXAcsmUfXKt1r/18bkAFcYuvydT/ceQqQBolBJUdGa5GNArJb71+XI+eMOEHY4qX2aASQqWqfywwdlR3K7V0KyPp15tvk09rVfDN7KQqd53euHUcG9AlV2JuDlwDIMo+AMnIil/FZC6SfBWSs873BgswcTSLYm/vp8+wlAjIWIbFLeWIEkPYxSluMotHnu8NGtHrf6u8hEz/EFSCLiFbLAiNWqc8u25uwUUA0s+Fd+SMuIeYWaIjb5PvvzLTf111Zu+x9q599IPZWnN30Ap4AZOaIMAw6OvhHeN4XvH3fJah55N1bALK1gHH7ZNRie9Rv8UF98DkriKy60TvjtOFKqnyvbHzDb9aqNbtF99r/1wZka4kKrJdAWE6znwlcHwVkeHnL/UsRzEAFcM8hHmtzOQLIhFzYU0Gy+eN6m6O1eikg60v1aE8haDU2LyW8yre+ODN4EWZjCLf6wS1KARU7uEUvDZAZR19nEWBXHiPTLCATRoBX2TU6Wnz4aB1Mn2cvEZBhQr+YpK6q5zNCfbFXsVj52oS9bzBh52KVhCdAJthzq/7V3vdmAJE2CJmRQPqw2Gl7zwQ7034v/GfStSPhIXghzZmlsqfpBTwByFSGzynz1wim7d1ve9mB/VhvAcj6q8G0yew/oyTsrVdCi7B/+5WHRm/L8CrNdu2atI9Z3DdH+/ge+/8egMw4JQixYgdR9LiwRtzpM4Dslvu3L85M6c3lV9bmcwSQ9UqwTHIFZPsLn9e+fykg62OLtLEWZnG0Vtd+l4QmDjknBLH+qEl2KUW8rDCC3s2Xvz0LyIBh6zJoLQa47/vI5eJkCbk/Ui5IYfQc5iI7Ml9Sr/1ZQOYdvBIzGESuSzC4lKbPs5cKyN69u/bm6G7HYGwfyzRyvVGelD7+jGDgBqO1nxOTNAOICDAZKB84sEosVPEO6FoWsj4NnMVJEPsRWWPcGTlQUsyQi6N7ml7AE4Bs7SqsS10QBFR/Of1oPMgtANk7rfB1pADu0Rzm362/XBzXb5QEgcqjZn6CVTxazlz2HYHh7kI8onvs/3sBMmPti0wCplxmR3XyZgDZLfdvX9V+5J7YEUDG8kpG55ieo0SlWDuXArK+KO1RNv7Rmu1/76095po8Yj2+hELOHcVGzwIyBg/Fn4NGjCAjgEzcJOWY7MrX0G3xgIEhKj6MWMjw0/rcoz7UQxss9ZeWSpo+z14qIJMa75APTV02mVieowNBYUHCPOjoZvl+EgkIWZl9mYwZd03+5iwgs8mylrK1yARGx9U1a1pEvDfTvncI2hxvN3KVSC726RtcXtwBazS9gCcAmTga8U25Wj/NSJsjGvcWr3urKaBKWB3FAd0CkHFPcntkd76Ej4+6RMJ37+aK/PHTiIuq70Jf/d/vo8WG77H/7wnIKIrWYo73O8pSxK8ZQHbL/StmNRel5gIiI/dccCOATJ/jRoNYPxJVxP3k6upry/tSQMZVCvwFyfjMJT2usaX6mEx8cxvAJaAsgN6Re3cWkPX3+va3lqzxYwaQqQaQ+b32PaFJrP2BW9ZuBJFslrPnRwrHs6opd5FL0bibm1fqSCnaWwfT59lLBWSY0GdbCabORTF7RsnW+IjEdFooX/FsYVsgjqsyE7PpOcXlZgBRCLCjA7aP59irLj3TvvFyzyozEndq+jsNZ8uNqtq6eLG4dN5zLIlbwnR6AU8AMv1fu+1ADI+YwrXLsvMci/ekWB9GAAAJtUlEQVRZc/0BKLLm8l5yKb3YBlm3a8RCSCBGkoSDa6/2zozw72PlBMOOWFVH2yC0jCsrJefEXPQxOgJrAfxRuvX+vycgM2ZZptxWQcpj2CtrtxXEM7OA7Jb7t3f7kMdc0zl+kYtOhX6hA7m+2FZhWONci7OjWEkC2bpkXEC74tg5ZnREecxrr78WbSa2b3QNkxnmUDHdIEYFLjNr4Uipy+3IauVmI8vsUXeA5jjNvk+zgKyv/weoAFAfsAJauJWBZqBW3F3QWjmbsJCpQciVuyUzfSMXaRez7Xv984wmgK3/Bllza7fcZJ6s3RYA1CtyvBfTKoyDgrgWwz59nr1kQIaZFsT7pMOQFiO2yeEatZCY6gkAB1MgYKZRmkhfB2tkIxEQUHccpr7BvHkOkp4BRAHItPPByx+WsGiXGZc1ygYPk25/NU0/vpn24111gYDPAGWEowB5Ae5xHx/LpdgYh1q+EB0oVuxxi6YX8CQg06675GzsnsTs4KcCsoLM9ZuQY3kVHOtgzAI+v9/z0W++YaxcswAXUMqSALz0RX39blNfoxaRgyOXBlBDL1uFR9b40TPKXXDpIHuJu2GW7EX7KArXOpRyAPfI9265/+8NyPADmM5B6yzvrK1b62IWkOHprfZvLg4cc2d+yWL9JxNY98kmMa72V5Qr2gNkvsUNp9xEdnH7JisQ4MFq5rvaoOysXUqPr314wd4aI9dymAUA6XrAW5CziNKU6/NRWlmRyVXGg95w4PzhBcFTxc7JzmzhOfLazAIy/MWTviQE8EM2Ooc84/cotQM0CecJ2gNknuEiZClzY0fO1sYXZ7j9HmMElN5vYzL6EAC8E6epxph1x0ti3WQFSD+tsd57A0fgpTHKKtc+S52zwfp1NoiRFm7R0/R5FoCMtuswt5j9EXfSx3cAHgYELfovE99RJfi+g1wpFhFtRTxWFj6sDFxiviuTxYRsFZjM36Upm8S8eRyGrBmKzOVSDSaG5mZi+xpYMxstuz5nDhJomtWI1gAoylTMLki+dAkGxs9ywy0bPKA59XNCgzJOmqdgzphPwoo53KGZtaxL2s/8sT4EyedMobgDTM2v/lYHQFkGYFwt1fPaBgFUaDKKAgbZBMZBgBNKoYUYh3VKoxJQnAM7tcGcTuAAWGsWUKUGHGY21QgBa1wBe8kfDiTxTyM3WviO9Zq1R4cSAMc1cImLsY9rO6rrNTL+/hmxg2FRlJxBuzyHxH6GIAN8j9xQa21cc/9fQz6xQon/sjfeI3UYaLA+xOKwBmbZpl3Cm9KY7/b0ulIPtHsHiAPL3iM7rB3P5sBthTKtIfLDH1arNRl67f2rn2SPUkDOkS2iVNrP5K/Af0pbkLknJ7iK1oAPS4rEKfLziChBFKscXkHpcbDae0cWY7LUfgx5SsY6I2e9KUf9zL+TmyyK4jN7BYc8N/dCK0K+AhZrBhXzTV5ZNxSnIHKJzIyzhzsu1yjEd3I21s3aXiRrlW3Jdzj2Y6SUAzbAkrHksiXc2s55HoSoBbpWXsQ3P26R9zwHWab6dwYApUK2SOkY8qk/L/Pza/GqzlEKrbMq44atdsyL9SS8IMe/AWmwDY9MvkbOeUa+wzjx523qY8aEnnOf0znXKXG3Qa8jtBX4vfYugQbcKPJmgmlKJhGIsZkc0gQhM/Y5Qr9vk1CwcC0+pS5Gg//CPDsyfs9kHtiAtDQT/c6LVY5p2IIFQIEVfSK4aQNr6dmXtL/WZ+46tW4cPvhAOyJ0HT4APAHoMJFRtEfMzkdX/GSX9Fotn7Xv713jQ6jIpGIxwNNYMwFybTCgjpVx65qOvk3jJ+isc1k7rGLAo/VhDYoN4TZ3YPTlV+JbBB5L4iWkrbifNawTl8TJ9X0hN8yvQ8q8O7zOoQg0V6POvj2XrrX/ryGfKFFbZWZifH35hLVyIj0v7CVKxKj89P4RyL3W/o2+sh5QdhzCrFRi4shfSrzYUYdRWD4cqgq99mR/ZKUs/+7ABPgcdBQPe9bBKRSCkYCc4Wp06PtGvvM4vqM/EUKxtd76uFcALhdcPnedjr5HdrDUGKPD3R5jXGDFAQod4gCm2GlJDyyR5BW5khXX3N7ePch9v+ztHGubfwcWAWpy0/njjNU+6y4gDaBE7GBWuPI3euzAY+BsM15jp6wCi+bW97kzjY2yAfSPXP5NWWfldubxPpDBzkQymIzFpy2yrqwfSpIzWF98Axgk65wHAJ+11t/xbI7CU3Q034Df2wDLLZfl0Yfq9+JAceB5OdBnIbLerZWZuGQEFCCCivv8EhI7FcL2ku/Uu8WBa3GA5yeUIhYnFsUt6/612qzvFAdWTZ7FluJAceBlc4D1j6WGZo1GS5S87FFX74sDl3OAlZvVI2Kf1Mfac8Ne3mJ9oTiwcKAsZLUUigNvJgf6IrFq8VySTv9mcqlGVRx4Ww7kZA6uNy60XEah+FUcuBkHCpDdjLX14eLAwzmQXS+sZNLgr5HJ+fCBVQeKAzfggCQfcUbihZDMPglcRcWBu3CgANld2FyNFAcewgEHi4D5CPC/JCPyIQOoRosDd+KAhAQJSEpQIAkIEnSKigN340ABsruxuhoqDjyEA2r4yNDzXwHKMktlBxUVB4oDb+VAvm9XpqBSOrLXi4oDd+NAAbK7sboaKg48jANS2JVLYCmTkq2ekNIARcWB4sAn1LWKEhxKI7kFYKZKfvGwOHAVDhQguwob6yPFgafngDpGij9yyaiqLXjZITRSfPnpB1cdLA6cwQEV1xWbVcLFPnBlkZteKs7yDGbWK5dzoADZ5TysLxQHXgoH7HfV41WMV8X63gUvXwqfqp+vgwOqpSvyrVi4m2PcdFBUHHgYBwqQPYz11XBx4GEccAebe9zcqsA6UFQceI0cULWfhcz9tqqwFxUHHsqBAmQPZX81Xhx4KAdcrePKmaLiwGvkQK3/1zjrTzzmAmRPPDnVteJAcaA4UBwoDhQHXgcHCpC9jnmuURYHigPFgeJAcaA48MQcKED2xJNTXSsOFAeKA8WB4kBx4HVwoADZ65jnGmVxoDhQHCgOFAeKA0/MgQJkTzw51bXiQHGgOFAcKA4UB14HBwqQvY55rlEWB4oDxYHiQHGgOPDEHChA9sSTU10rDhQHigPFgeJAceB1cKAA2euY5xplcaA4UBwoDhQHigNPzIECZE88OdW14kBxoDhQHCgOFAdeBwcKkL2Oea5RFgeKA8WB4kBxoDjwxBwoQPbEk1NdKw4UB4oDxYHiQHHgdXCgANnrmOcaZXGgOFAcKA4UB4oDT8yBAmRPPDnVteJAcaA4UBwoDhQHXgcH/j/BSOlAR7CIPwAAAABJRU5ErkJggg=="/></switch></g></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-33"><g><ellipse cx="450" cy="330" rx="15" ry="15" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-37"><g><ellipse cx="625" cy="210" rx="15" ry="15" fill="rgb(255, 255, 255)" stroke="rgb(0, 0, 0)" pointer-events="all"/><path d="M 625 225 L 625 275 M 625 235 L 595 235 M 625 235 L 655 235 M 625 275 L 595 315 M 625 275 L 655 315" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe flex-start; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 322px; margin-left: 625px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;">User</div></div></div></foreignObject><image x="613.5" y="322.5" width="23" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAFwAAABECAYAAAAMalKuAAAAAXNSR0IArs4c6QAABrpJREFUeF7tmnXoZUUUxz9rdycWdndiJyroH4pioNjdiYFdYLIGiq0oBoiKYouFLSLq6tqK3d15PzKzzN59cX/7nuP7LXNg2d13Z+bM/c6ZE99zR1AkKwIjsmoryiiAZzaCAngBPDMCmdUVCy+AZ0Ygs7pi4QXwzAhkVlcsvACeGYHM6oqF/0+A/wFMPATdFwH7dxk/DfB9wzVvArZtOHZYD4sWviWwGLAIsCiwKoxV9n8BPAe8DrwGPAKM6vLmHuAWwMLJn1WAyYBvgGeT9R4Hnh/WSDbcfDuX8gMwdbLGOcDhDdfsNOxlYEngGmDnPqw37JYogGc+sgJ4ATwzApnVFQsvgGdGILO6YuEF8HEQ0CiWA5YHZgEmDQXVJ8A7IZf/doi4zQGsAfj3DMB3wEfAk+HvIS7Xdrg1x9ph/3dWxd3oQbfw3YFjqrx9/i4IvAesDHzeZdzGwMmABVg7eaoq+k4C7mkxYJOqKLy7zcSlAesMZZ7qEA+tDGInYMbwm0XgbYMKuFXqtZX1bh82+ydwS3ghrVlLF+ANgUmSl/ygDRiudzGwR/Jca74f+BKYu1p7q9rBng4cW1tvSmD1UIlvAyyTPF8XeCkclnomr80daMCPAM4MG5aPWRN4sQWYiwNPBLegVbUD/HJgtzD/92B5N9TWE6DrAvDxkXOubHOIJwInJM/kl6RI5kz0fFUd9OyDbuETAfrnWcNGtTKtrZ1cEIi0doBvBtyRTPYwz26z2HQhLswUnsshue4vLcbXAf+5ijO3A/cGI3gL8GZ6i7yJA2vh+sLUmvW793UA3PGPAUu0CXjPBPfjEl+HQPlbh/Uuq26KsSPKDhX5dn0DwPcEnFuX1UIwHljA1wcebPDCHTAb80iiLAYyf7wZ0Pd2Et2ILijKpcBeDQDXb6fz0imHhSA8ahCDpulfStVqoQYqr+dQRc5elxPl+Ir3P6XLIhtUMeOBZIzBVf11qbuUToCPmTuIgE8BfAZMm7zhoyHovTlExK+q0cAegMGtk9gLMDWMMhowOE+wgPtiBjWvYSp/hRzYdNEi4qcG4NsosfCIYoFjcOskppkzJwPMfAycEzTg5rt3Aea2reRHi4gKiCuAhzqg9wKwbIOD6TTkw5CnD2vArwZ26QKEebE+98DK4u2PthN9vEFNcOuiC1ow+XG7qpV4Y48HEKf31Yebf6bX6hJgnz5s1BJ83qrcHVn1NQ9uuN70ocFsdqF7aNXs1r1sCujrU7HvaroYxVJbl9QP6SvgNoptKEdpkk41eYnYK22SLbRaz5LeEnw/YKnagI9Ds1p3E8UMwzw4ykHA+U022mBMXwF/uPKN6yRKX61ZSoP9jDPErwJcR9kVMIPoRQT9vMAexnUsWPTrUawwrTSjnFUF2yN7UZrM7Svgp9aIm78DR/BpD5s9BDg3zF8IsPTtVWQST0sWkfeInIk/n1GV5Uclzy27Zfz6IX0FfK0W/lAF0pbjI+bWBrC5qrz43S5062whO9GNdRO5j5QLvzUQSHHe1qG6jP83JXR9XVuv0lfA3czTNd5Y1m5F4I3x2KnXXDeiHFDRqxd2WENmUG7EsvyVBrrkR2wiKHUL90Akwkwzo/RiOOl2+g74eqHElb2LItibh6+vGmDxbzpnkIop4NshFvzaAPAmHx9J7stnx4q5VVA0K9kx0WdQNb/3S7JepO+Auxm7Fr54Klq65bGkji2uVmLqZ85rYItVmldfTqKb1UYLt3uzQgeOW73HhQ6O/5ZC9bO6OieuGzM9NL2M4jvsHdyN31W2E2lab5AxrC7/CeAqkX8wuuuH6+LL6ZvdlCWxV9uAGEn4ON4A6QH4PWE3iYA7znU9cIuVNMjOV/Et+4bP7+INlAqIQbmuw0zFmJC6FsfYxzR3fz/EAj/vs8+pwfiNpZ0g5zThw3sir+obtniwuyGnaxO3qdjxkLI062n6JW2dPIq6DHR+BKqbij7bZ/5+dJe44DhbchZw3pomYkamoXmI0cJ9dxvarmURlfZGpRikI6xhJLw0EPmfsWSo34fbLtJaBEUa1Yjvy2sZERC5By3Z1pd5cDeyqNXL64akSVcKPn+BUPlOFUgr3Y08tzSqrbJuzeNUx0ahKvUm6W5id8fb5G1176aPcvJ1SrhTE7n+HmlTecyzoQLexDLKmA4IFMAzm0cBvACeGYHM6oqFF8AzI5BZXbHwAnhmBDKrKxZeAM+MQGZ1xcIL4JkRyKyuWHgBPDMCmdUVCy+AZ0Ygs7pi4QXwzAhkVlcsvACeGYHM6oqFF8AzI5BZXbHwAnhmBDKr+wesLIdUbXHTuwAAAABJRU5ErkJggg=="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-39"><g><path d="M 450 345 L 450 365 L 450.27 385" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-40"><g><rect x="445" y="345" width="80" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 360px; margin-left: 485px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;">Cluster EP</div></div></div></foreignObject><image x="459" y="353.5" width="52" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAANAAAABECAYAAADwU7shAAAAAXNSR0IArs4c6QAADahJREFUeF7tnQWM7boRhv9XBpWZmZmZmZmZmZlRZbVVmZlUZuaqoDIzMzNzvpVnNc835OQkm5OdkVZ77zmOY4/9e9h7kIKCA8GBwRw4aPCT8WBwIDigAFBsguDACA4EgEYwLx4NDgSAYg8EB0ZwIAA0gnnxaHAgABR7IDgwggMBoBHMi0eDAwGg2APBgREcCACNYF48GhxYAoAOJ+lvLUvxfEm3jKUKDiyRA0sAEHw5naTTSjqNpAtLupxjVgBoiTsnxrTDgVIAHV3SpSSdR9KZJZ1I0nEkHV7SISX9I0mT30r6paSfSvq2pG9J+oqkL3VIG8Z02ar/dwSAVrNDWf9TTDSbd6X9knf/PEm3KHjnvyX9SdIfJX1P0heqff5RSW+R9Pe2fvoC6BKS7iLp8gkoeZ//Si8/kqTDtLzwP5JeK+m6LW0CQAUrvwVN0SbOKunUScM4R8ceKZlSE4B430XS+3gv7zxqScepLYB6TvXvh0r6S93zXQA6aeoAqWP0X0nvlsTg3yfph5L+4L4/gqTTJ6ZdOoHuiO77T0k6dwBowHKu45EvSzqDm8p7Jd2uZmqHSIc1mg0aDvvqKEnjuWFS9ZsAlHf3NEl3cB8ibc6e/n8oSUdO/QK8qyTA+T7Y4xzsX8s7bgMQoEFa0LnR+ytRdw9Jny9YSyaPE+A+kk6Qnj1bAKiAg+tqmgPoTdWeuGrhFO9agelJ6RBnY3dRDiAO/DaJxN5/saTjuY4xRzBdfuxf1gQgOnibpEO7xs9MKP5f12gbvr94kljYQmfc5wCyDXAxSR8cyM9tfWwTALqCpLdOCCB4exZJH0/Sz3j9SknX7wLQyZKU8JIHNN505IodKzkWcCiglzbRfrCBvpo8jwEgaYgEwlv79YkBxP58erVnb59tVBwi37XP6iQQdg3SwuhXyRj73UgA8fgvJP21Eo+AdL8CCDf9h9LkA0DDAIRmROwQ+2kKFc725gUlfSTbqHeShEq4QzmALiPpndkDd0xI3AB+diZMvOeE+xhAL3dqQABoGIDYPm9MLue79diYpTaQdUmQnwPf4+Ql1Xtv0gQg4i8e0binjyuJuM4miJMD7wrxov0ogY4h6SeSDhsSaHf5h6hwpXtxKIB4D65swjNGCJjdQL9H1rEl/SxtcGuMoXal0tGObL9kGwgAnE/SyZN38p+SfpNAgW1HEA43fxPdr4qBPMp9OVQCcahdIB1ueJNYZLxEGL383hQR00PlxL3LXsDuGEubcCKUjmEMgDA7wIbRh1OMaef/HkD41l+ajexekp5QOtqR7fsACBXwRw3vebak29Z8xzxwwdcRahXzb6KTVHGIx0m6uiTiBk2EuKfdw1wDMjXomx82YhdxuuVqtD2Div3wjjjaJ9L76/rIeevHciZJbG6IDJO7J1XlaOmzqyW1qWv8Xd9vG4DIRDCNgbm9Ie2DnXl6AD2jJqAFwwlWzUl9AMS48eSdMwW+ruUG2AQgAnEE8HChX7TypNzYPdMGIHz/BI7NK4mkwcX//eTmP2US6SdO/eW5e49JMbC+PKwDEMFEwgi3cp0gbd6TJCAHyjUz5wyS7gHZS4nJnT/FM66T0rGsCTwh1Qrw8x6/aWizlwAibvjZtD+f1ZeRrt1QCYTG8evsfXjm8AscACC8DXgdPLEw6OxzUh8A+fFcMeUs2WdNAPLPnDepO/ZZE4AADWqLBdTIscKtiW3oiQ3+lPRdW/Lry6q8wBu4B/uqcD63i3djxBKT8MSGp3+AZEQ+2AsaFo/0lIe479gYSFibK+/B9kWCQnsJoJuleZCxMCeALN7kWXjt6iB+jX3gJdAPqkHaKWrfo66QvzYnLQlAuCwBBoSdge3RVHrBRkOtxEvTVH4xBED5AdGmVgN47DCSfiFOT9SxuoTIHEDMC4MejeNjkr6T1h4pd8k9BhBrwFrMDaBXV0nQXruBR2TT7IZ0PIByXY/GqD1z05IA9Dqn76Iyof60EZIMp8KdGxoNAdAnK5XxXKk/Fg4Q47xooudmAMb2Ylw55QC6dbU5eDYnk9ZTSSDijrsqUcOkCOSTPzkngEhGZWxoF0aPrQ6j+/oxGoD4nXuPKEcw8T0niJYEIDwuF0qTJy3/VCMZUQogbDYz7Hk1JyK2SxuhtqHyGZFNfJseAMLu8c/5R3C+4JQgDWss5U6Ekv7mAhCpbK+oAqbHdINj7hygaCK7ZAAiPpOfatg+bQHPkomXtF0SgFBpruwGT6bum0smk7UtBRAn81NdHw+uTsRHdLyf0hMC1kZNkjOXQG0AGjHlAx5dGoCIS6L6oprhMCLXDR56wg5GjT3AH+BVOGwdOjMCaaSPz01LAhBerEc6BqDW3jOVeFCEVUqlAHphloPYJyuETYAr24jFp+I3p6UAqE8glQOBTb0pCdR33VhvvJ8PbLJ9PYDIefMii6xr9L+h2dd9B5m3WxKAOJVI/PSJtYyXYCXeLTxhfN+XSgFEzhyBTH+otd0fQTscP7hfjUi/x5GwzQAitobzZA4AIWWoWaN0h/VqzQH1APqMKzIyZgMojOI5aUkAYt6obdgeTZW2X0yeNwzdPGaQ860UQNRdkVY/hppU8W2SQNdLNsmmAOQL6uAt2hefUSeUhyhaee8B9CKfJJeeQmyCxDlpaQBi7niinpx05CZeIBnw0qDyNbn+SwGU3yfARnrVhhZjmwBEsJrkUbIwOMxKaWggtfM9HkC4MQlCelpqKo8f45SB1JyB2Be4ha+RVSv6duj0BCTrcuJKAYTnh/J4IwKoxJk2QdsEoLHznQVAx0/lqh5U25BMOieAbCHhES5NIuRkFpD27gm37xNrVr0UQHjQkH5GXOxigd2xmyoANJaDNfVA+PpJWDTC04Qrm4zUTRDJlKiKeLfIJ6ujJapwbXPHQCe1A+lkREZCntXBd6UA4lolDgijx1f1KffexEJUfawFQNio2J5cQ9VEs0ggXk5uVm7zkIJPQuQmyNREfO15Lpf1v20AYtyUFHwjS3sHQHnGeCmAHp1FvvveQtNnrdYAIPhOvh5Bz7Zs+tkABONfn/KebBHwTqCHH+w2kj4rVNPGMr7JL+LGn01IoDzhDwmHatVGfZNJuZaLrOtv9pgvKpuvjsR7hofOUymA4JM3mnFUUJvy5x7j6WqyBgCRuf72FKvJ7y7w858VQFz+gfsUm8iISlUK68YmliJmsR24xghjexMAIg3/A64jYid8tgkAEcDjhCMDt4uwT/DUGfWRQES3ybdqIuJPP89uhmHj+3qjrnE1fb8GAOHxxBw4IEctm/SsAOLdXNvLdUtWTMVnnIQYzEMi8DxPuj3BWspjkRqcHJsAELek4O41IimWyDuSo4n6SiAARC4ch0lXPIx7yriuCqItkiL3xFHqcHM3KP5NtkEb4XW7kWvADZkcEJ8eipz03BoAxB4l6RMQ+UrfnDWzA4gBkMiIF47bSY2QIKSVf65g8chmIJ8MA9juSEY1Ik1+EwCiD0rRyVI2IoOZTZerXuT8UVBHZvGDXPumeiBLIcEWuX/LnIn8k5Fgpb/kr9VlZOeblpQbMg3agndkQ+DO9mlVqNVU3XKotR1olDUQSa/LJtl2ALGWv08VAwe7KadmnfYEQIyDRUO35044y5PjVCWoZbUjdR46rq3i6lROB/R4v7npt62QrNSJQH+AgSCbJ8aJEU8kHqmHwUl2ORkFSCnveu4CEP1SlYqUIUOb0m0IqUqwmcPB4jXU41B+UCex8jw1+sBO4qBivKjPVNriWQIkRnjiAAsVpZ5IKWI8zJMoOlcow2vUR+5Ow4PKM33qgfYqmbTpal+bJyED0pNYN+aCWkuGDPvLSvS74mN7BiCbBCodgwUM+SJyww6qGZsKwLFR83Jg6wd7ggXH2PYqlv15E35zIntXOoVduIlJiuSHsmPbwNYvzMVO8/fZ1QkM7jYmvR8w+NR8TnFUIjyQOCEo24ZQM/2fWuEz7EDAwW82vL8jgbkh+bhLuYnwPrZdrk/f3MGQX2YOKKnGtDudW16x8xUHG8DmADQJxKlNKIG+2HT+jnLsSOaLNxE+w/e2C1K63m/fwz9KsllbfnCutN0r0bdf3y6vVaKqlrIP7nngB60j37cUkHLYcUkiv5n3bqVp30F0XS6f98MJh+FL6TeMQL3jVKfwjr4AE6cdohW1itMf+4QUdk5a1Jxcnej6A1v5GPCwsclzYnPgJsdFjvoJw6hp4t1sbOJO5hUD4E1/tgJwmzOAPpkrN/GwCUgpIe7DKcg87M9hAD4kRJ9reumTWA5AQ1KjvsEnav5xU1PE56VPPk9qVdiUjAv1zqpPUdXgNYmQdvF/7vRpu1Qkf4+/ZKTvfqprN+WfN7H35SlnOKm4/KOEuu7Lru2rFEAlA4q2wYHVcyAAtPoljglOyYEA0JTcjb5Xz4EA0OqXOCY4JQcCQFNyN/pePQcCQKtf4pjglBwIAE3J3eh79RwIAK1+iWOCU3IgADQld6Pv1XMgALT6JY4JTsmBANCU3I2+V8+BANDqlzgmOCUHAkBTcjf6Xj0HAkCrX+KY4JQcCABNyd3oe/UcCACtfoljglNyIAA0JXej79VzIAC0+iWOCU7JgQDQlNyNvlfPgQDQ6pc4JjglBwJAU3I3+l49BwJAq1/imOCUHAgATcnd6Hv1HAgArX6JY4JTcuD/GOVGcrkeXxAAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-41"><g><path d="M 385 245 L 582.76 245" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 576.88 247.33 L 583.88 245 L 576.88 242.67" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-42"><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 235px; margin-left: 525px;"><div data-drawio-colors="color: rgb(0, 0, 0); background-color: rgb(255, 255, 255); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 11px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; background-color: rgb(255, 255, 255); white-space: nowrap;">clusterctl get config</div></div></div></foreignObject><image x="481.5" y="229" width="87" height="15.75" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAVwAAAA/CAYAAACsAXBsAAAAAXNSR0IArs4c6QAAGY5JREFUeF7tnQOwJEkQhmvPtm1be7Zt27bt27O5Z9u2b8+2bZt78VVETuSrV82ZfttvJjNi4+5Nd1dXZVX9le4+AwcOHOiMjAPGAeOAcaByDvQxwK2cx/YC44BxwDjgOWCAawvBOGAcMA70EAcMcHuI0fYa44BxwDhggGtrwDhgHDAO9BAHDHB7iNH2GuOAccA4YIBra8A4YBwwDvQQBwxwe4jR9hrjgHHAOGCAa2vAOGAcaCsOvPLKK+6KK65wb731lvv999/daKON5maYYQa3zTbbuBFHHHGQjrXlgLvJJpu4Cy+8MDqo/v37u80333yQDtheXj0HPvzwQzfJJJNEXzT++OO7Tz75pPpO2Bs6jgP//vuv23333d3JJ5/sYvlcr7/+uptmmmkGKV9aDrh///23e/fdd/3p8sgjj7jjjjuuMUAD3EE61z368m+++ca9+eabfh0ce+yxjsUOGeD26DR01Mt23HFHd+qpp7pxxhnH3XDDDW7mmWd2zz//vFtrrbX8Id+WgKtn+IUXXnCzzjqrAW5HLfvug1155ZXdTTfdZIDb4eugyuE/9thjbv755/evOP300922227beN2ee+7ZOPS1hAso77zzzu7PP/90Bx98sNt6662r7KJvu+USrgFu5XPW615ggNvrpqzXdXjppZd2d911l+93KMk+9dRTrm/fvl1+//rrr93EE0/sbbweCPv0cQiIM800U6VjN8CtlL3WOBwwwLV1UCUHvv/+ezfWWGO5f/75x78GiXWooYbq8sqzzjrLrb322m6UUUbxvz/55JNu7rnn7nLPVVdd5dZcc80qu2oSblHunnnmmW7sscd2q666atFH2+Z+pIJjjjnGrbDCCm622WbLHJcBrvOSVBGeZTLVbmhw4JZbbnErrrii/3uEEUZwP//8cyZ3mA/MCx999JG/d6SRRnJvvPGGG3fccTOfbeYGk3ALcO/99993k08+uVt33XXdpZdeWuDJ9rqVKBSiUfI6QQ1wnY/cKcKz9lox1Y6mX79+bp999vEvGWOMMRzmgjz03nvvOZ5FIt5ll13cLLPMkuexpu4xwC3APiaVCVpvvfU6GnDnmWceN2DAAAPcAmunKM8KNN3xt2633XbujDPO8HxA+/ziiy9qyxMD3JxTQ7jbhBNO6L788suOBtyXXnrJh9tAvV3CJWRIR9HkXAqFbyvDs8Iv6eAHNtxwQ3fJJZfUGnDfeecdH65mgJtzoV599dU+ng/qZAmXcBvs2L0ZcB999FF34IEHugceeMDde++9brHFFsu5CsrdVoZn5d7UmU+tscYa7tprr60l4H7wwQfusMMOcxdffLHbe++9swH3tdde88HDBLL/8ssv3iiNgXn00Ud3U001lbdpDjnkkNGZrlsc7qeffuqI1/v444+9E2O44Ybzp86kk07qpp56ap8CGKP//vvPb8oHH3ywNODyTt6NhPzrr7+6UUcd1U0xxRQOVROeNku0CYAQErPbbru5wQYbLLHJzz77zJsEUL3w8A4zzDBu5JFH9h7cySabzM9rrE8//PCDD6X56aefagm4jOXZZ591b7/9tvvxxx8d84b3mvlFKichB6C9++67ff9RRU877bRM1tPWww8/7NcN7yA9dIIJJnDzzjuvXz9pVJZnmZ1KuaGZPRs2S9YgHn3sovCBscPTueaay/O1FQSukCRFkswff/zh19jiiy/u7bF5SPsIesqkQD9ffPFFRxoxa4K/2dP0ffrpp3dDDDGEO+KII9z555/v0I6JiLjnnnvigIuXj4wNFuPnn3+eOubBBx/cbbrppu6cc87pdl8ewEVqRHoM6aijjvIngiYmBGCM0YknnuiDmGPERttpp53c7bffHk35k2cWXnhhD1pCbFzU5ssvv9wB1mkEM1kkISFB7bvvvu7pp5+OPj700EM7VKIjjzyy2wITR0v44K677uqOP/54/zPZXGTzEdIi3lkmmAnXBPhceeWV7uijj3aouFmEB1eywwCb8847z11//fX+0E2j2Lurdpqx8AFS5ldCg8I+Emep0z0322wzP7f8nkSst/32289nLZE2GiPiP1mrocOlWZ5lzU94vVV7lnYZKxIZURV47pNoyimndHvttZfbaKONuq03njn88MPdAQcc0O1xpFHWBHy94IILPBCxbjQNO+ywXjJEeAgJYemyyy5zDz30kBeC8qSKy/5kXhZaaKHokF5++WVfcyGNOHgOOugg/34RPGL36/VGJM99993nBZpuJgVeSrgPJxvECQ4gzDnnnP50A4AJpWDzsdChlVZayd14443d3psHcJlcNjaM22GHHRptxACXiyysV1991T3++ONdJiMJcOnjIoss4k8hpD7Gsuiii/pxIX0gEV100UVe2uNk4sQSApzENsTCk02HNIiEo+ncc8/tFtd3yCGH+AwWiAVEHQlAffjhh/cLmUONwwCaaKKJPNgjYQrxPuYDCQNA+eqrr/ylDTbYwDFe8sbpXwgGIegxdtQuJh0C5Im0QGofc8wx3bfffusPFA4H/tEeY4Q/0Oqrr+77izcXW5TQeOON5091TfCbQ1hTlYDLobTFFls0gJZ3rb/++l7zAmDpNzGYbDQh1gPjTNMCbrvtNh+T+dtvv/nHCAOkbSQoNATWjGg8aAgIDewboWZ51m0zpfzQyj2LFMtY77//fv9GtD4AFWkezRYNDfDi8BaQZD9dd911jRhX6Srr5ZlnnvFtsX6F4BPzgkCTRRz0CHSa0DSWWWaZxk/8LeCHoBETyvT+ZK+DTcwh4xDKAlyeWWKJJby2D3HIbr/99j5ZgjUALnKY0K4c7vCPgxuLANQFcLkAsErnl1xySS85SbBwyBwkhC233LIpwJU2YYKOgUsCXLmfUw0nllAMcBk0zBAQ5dQGrEICkFCPAFENuPo+1BuACcpjw2WTU50IgtlszvD05PCYb775PKhCs88+uyMrJgYETK4ccKj8SJpsfGoTTDvttB4gWfSQBlxUHcwWLBYIYL/zzjv9MzFiE9C+Bly5D97MOOOMjccGtdMMXjE2pHcITQI1LiSuc+AgJECYkhhLkkqMBsA++Ouvv7wEjDSzzjrrdGtXF2oCjGhTr0keKMuz6OREfmzlnoVPCASo9xBzDbhyyISEmRF8EPBhHSNxhoctz3Fw64MZR+Vqq63m2+dg5BprHhA+9NBDu2iZ7EnsoLF2pU8cbrL2i5gUAGEOa6E0wGWvovWx5yAObfZRmGDBNYrnaG0bUBf/TwNwkWrY8LKpsUWwWNLsizAbew5Bx2UlXBlsFYCLnZINCSGNpZkFOKkAxVYALpIokip2VQg7DpszRrfeemsXyQg+ojGEpAEXqRRVDb4zT0LLL7+8QzLTgIvWIHZKFi0SvUQZJG1qNgJSg0i4cl9Z8KhKwl1uueW8GQHigGANIWnECC1quumma1xCO6CoToywT4oJCI0IiSVGHMCsK4AZYpNx8Gsqy7OkudG/t3rP0nfMVRBrBU0yyYTHPfCeORBCI6RuQUgh4KKSi+YX3gvozzHHHN5vJMT/p8XI9gTgslb02J544oluGq30l3nh4BVzLOOR9dQAXERhpAAhbLIa/ZMWAPYJpKY6Aq4+wegnYJNEJDWg+mDbi1ERCRfbF7YtiAMLu08SEKB2ARb8F0IdFjOG7ocGXGxQos7qe5BiGScAgGrFaYwUJ4CAGQFpLYvYdBwSdQZcxoRUKXxbaqmlvMSRRhxUIpEhwSIhhyR59/I70p4URYm1jaQjc4E0xkGlqUrAbeWeBSQoqSn2UIAUYSCLENKee+45fxsaKqbI0IleBHBpB7uuNiNgrtHYFPapJwBXzzMaEhJvmklK94n74AEm2QbgYpvArgWxWZHSQvtcjPmAAyo5pdFCymPDlWeqkHA14AJ4ZJaUTd0rArhaQkLVIgwpjZC8xEGFOo8jLKQ8gMszABA2Wgj1ev/99280dfPNN3eRppP6xGnMopdgcrmvLHhUIeECbBz0QmgQHBJphEkHqQ1K0nikshT3IOWhpQg/Y23rkC+uc8jpNVaWZ1lAx/VW7lkiNzi0hFCLY3s67BcmACRWoTvuuMPhSNRUFHB15S/aidlxdfs9AbiYPsAPCCFG/j9pntCYqVomhOkHJ6MHXDy72GlFBUalzOPJzloUgxpwQ48koRnXXHNNN4dX1ji4nhdwUec5yUTy4mSORWHodyJBscigmO2U3/MCrm6XDSQhUPyOCpwU+paHB2XBowrAFfu19BuJiI2ZRtjzxV4OKIo9Tj+DA0giVZCIxVGZ1C4HmrYbh+pvWZ5lzUer9ywqPk5eIRys8CKLQpNYzFxQFHCL4Ab96wnARRASJx/mQnF2J/FHavPKdYQo2vCAGy4KBgAwNUtFGFeFhIs9iEFq5qDi4zhDIkKtzEt5ARfG6pqbbGxtO4y9D5UMLQHCSSNOIH1vGcDVfS6SY57Ek7LgUQXgogIjeUqExrLLLuvt12mEv0Hy7FGF8aCHxHxJaihaERpKGmGK0tIOjqMFF1yw8UhZnmWty1bvWSITCNMSIhoFqS6LQtv4Kqus0nBOyrPtALjapACGEFiQFlJIhItgKPdJDLMHXGxQNChE5MHZZ5+dxevM64MacOkgxm28qbH4UWxWlGwDfAHmNMoLuLGyb5mMCm6IfR6kKOAC2tjSBLyTTBVF+lYWPKoAXPqNRx2Ag4gEwUmRlIQTxnAnOc0I3yOyoywhHdMvobI8y3p/q/csfgEdOkf4FwdUFsFzzDNCMf9COwBuqAEgJCWlhbPnMHeJk76b04xq/GwKISrnnHDCCVm8zrxeB8Clk6iReOtlc4Yd5wRC9cebjxoZo7yAix0c21qrD6+igMuJqsP5WBzi3MicuIQbyoJHVYAbOo1OOeWULrHcehjEkhIWCCG5IpmF311DTdeAPSgPqaw5avWeZX1I6CDvZv3glMyicJ2xTnWEAc+3A+DiMyBiQwqWE9Ym6cQhj0KnX7ewMCqla0M3n5qQfPkshqddrwvgSh+xS5M1RjxmLOgaFYqEitjJnhdw8WprlXLjjTf2DqhmqSjg4sXXzh6dOVa2L3UDXMahnVY4uZBcAVfsbJgbSHM96aSTGtEZeIxx9BKxESMcxmKmAJAxGTRDZXmW9c5W71n8G2hnQnnt/Zho9H6hHbRKTe0AuIwH4GTdiAaKILHHHnv4MEsOahIf+FowGXYSGRRiqTcphGowajYPNkt1A1w9HsAXLzyZSuLg4jq2LAmi1vfnBVzimHXMYFIWXlHeFgVc2tfqMZl1WWnaWX0qCx5VSbj0l8XPgUbqdlbaMTZ7Yk3T7LJE5kg4XJIDM4tP+npZnmW9o9V7Vn+ihncj0YXZlLE+hV9oph0iFdoRcBkTzm1MkFlZcsThYoYIs+Q84IanFIit1YusyU+6XmfAlT4Tm4vDRbzRSEDYr8LCGXkBl3Z0Zk5MxSrDzzKAS6oyEp7Qd999lyvUL6l/ZcGjSsClrzjLSAIhG4wxI2kAvkirmFWQ7hdYYIFM5yVt6RA9/saZmZRpmWcey/Isq+1W71myIsmOFCI0ENtjFoUhXFtttVWXdni+XSRcxsLagi/YaHG+4zBlfBz8mGAIGSMslEM9FqfbiMNFBRP1CfEY4GhmodG53gC49BPbHmqoEHGzoRSUF3BpAyeCSJOk/gF01E9ohsoALqerNmcQwqMzg4r2pyx4VAm4pIOixhLSSAooqc7NECqj1u4Iq9M2+aJtl+VZnve0cs8Sw6yTfrTdMa0v4XOxmNl2AVzqahDCiY267PfPGoCrU0BhMIVVCN5thooALjYjLVVSJYgqWEmUp5YC8a/EE2ZFXIQhaWFoD30oAri6PifPZgVu5+FxGcDFNEKIn1CaoT9PH8qCR1WAi8MGaYIIhFaZwQhW1+seKUacbXl4FN5Tlmd53tXKPYtHnTRxsV/TNk7ILNIHFBIdQptOSGknCZc1BtBiamGcYUW+LF5xvQG4xI9S0ERXucHO2YzEUARwSRjAeyxhTGGpxHAweQAXFYmFgxqQlmEWhrbAzNCDrWM4qVnAh+uSSH/UjnvgIap9Hq9vUptlAJfNg4qj001RvzGhlCHGgMouxIEYK58Xtl0F4LJOmAexF+ZNRc8ad1gfARDBXppHvY61XZZnWf3keqv3LDG0kqKPDZL49aQwO95PmjTrS2znmHWIngipHSRcyqdSqhPKmyIfm8Mu1cLYPDocDNDBqy8FYPIsAn1PEcDlOZ0JxN8UDaF4SIz0Z0u4HqsWJhW78BoKs2Jt6RRgDh1t95T7+V1qgxI6hu0mqbAPQNe3b98utRsItEelzypY3UrApa0Q/HGk4SyEr2m54LF+YNvW/adEnhSPSVsbVQAutlWdNQcw4PBkDZHrHhKhfxzoxOtyT1rcNWGRRDYIod3Ax/Cz2nn2Q1me5Wmbe1q5Z9EUCA+TkpRZFfuQ/uVjqqwr/CGxKnTtALj4tXT2LQIhMcdJZlfWo/gPeFak4S6Ai5TJKRdm7GDPxI5FHBqN4NUn04JFT246GTsURdEZViyGooCri77IggPs6TC2UCaOU5VIgLDyVxrgSrgQ1Zw0YCDNc6ITuiWZI9QbQHIKiUI+ALMQPEH1BHTpE/ZDXQEJ0MZRg/1WiDAtMlAYE2oJ/YKHjIXMHuKFMX8ACCGVkXClDX06y298bYK6pLQrtTpR0eEDHlg2D3zhnybywXVNXK5LDDepssxTWACoCsClTxR8lxq/eQFK7iN9nSLuMfssgMPchXHL1A/GBo70J5/jZswcvsT1YkqKFXwqw7O842n1nsV+zWFMTDIHMoIKoXZaO0NjJBxKUtYBE4SjpFC7dgDcpGLqeeYJzOEDtGjb3QqQo6pRkILFmBVmIy9jEXLSAcYsADYkC5DMFYpgCLHxWJQAM+AdOpIAcjLewjg+PShAi1ArwoC0YwtpHAAh/1sAAPAiDk4IKYd3Y15gQSGxSnQC9Q9IfEiSqDn9qcQl9SZCRiNtSb1cuQZwUTs36WsPYRuoZDghBAC5DpBzoDFeyf0nXpi8d6Q0qV2bNfEEaSMNsVnyEKYD5jQsi8dvsZrC0qaE1eFFh7+sA7QmKcgDn6nkjyTEPw6etBTJtL7CG9YL/y1DAAp8QcgIibWPxx0AimX+hfcjFGCrR5MJKS/PyoyBZ5rds+F7qYHL2MWJzp6j8I8UIGdOhSccJmiSsboL9Es+LqDt4oSOAT7sJy0AkVSAMIXAB8AJsYfoD7wV7YU4V4QCHNxobLIG0GLY80SbyBrT+wl8wlTCesQxqAuQU0+ZGHqwCTu01gDBJnCH+OeyhMCX+BFJJDPMCaQQwgSkOEqSAZKoWAwIFYvFqmsF6KLMaR1LCsSH6WxQTk+RpNiUqOhINAya+EhIx0zqd8liAFQBfZIR8CwCgIAW40AS43mABSkHoI0VWtbtMsGc+CRHkP6JaYGFKM8npULi6ca2RQgN7+fE5/08jzSL55ODKLQbh9ETSfzExojzKItYbDjS2FCUIUTdpS+oP/AC8GYTcHAh4SWZHFik1AcV0ws2ap7j4MWxgBMyHEtS3/J6w5Oe55DjSxqx8qBZ/OA6c04saVJFMDQ49gHrCEmWfcH64oBlDbMHOOCz+J/Fs7SKZHnGwT1l92ysfdYKexAbOWuFA5RDCKEKnrEfAU4O2KTi4DHNKnwXe4KvSUC6QEysT7qoVhhNksYjXYgnNFsmPRdzlsKTfv36dfl6Rd654T4Ei0q/2lukM3avcaAMB5CukBw4jMkgjFXgl3YxmXBooi3oQvPUQda1RMr0w55pfw5wOCAYIUVzAKclhiCQoRVjZtRFgQxw23+dtO0IKQWI+QuJC/NF3rjxsMIVscqhrbptmWYDK8UBJH20eUwZmDFEKs9qjPsxAUphdwPcLI7Z9VpyQBfMBnRjX4dN6zgqvOS7YzKIfbOslgO3TvU4BzCn4GTGoYytuqijVtelNsDt8emzF7aCA/p7ZlmfwQnfF6ZfY6fNqlncij5bG72TA/p7Zjh89VdU8oxIp4sb4ObhmN1TOw5o54d2vOTpqA7xSSpEnqcdu6czOKC/3sDXPYhmyEuYH3BAQ8QqG+Dm5ZzdVysOECqEKQAqUr8Zzzsf6sTjjIONNO4yCQ21YoZ1plIO9O/f3/FRBoiMQ6KC8iQNEVdPVqfYb4m+MsCtdKqs8ao4QJQBoUkkKbD4iTEmtpOkhJAINSQSgYgG+RItiQvEx8Y+SV9Vn63d3skB1hiakGSaEjZJHDwx6mEMOVmmxM1Tc5lEKSn9ihkCc4QBbu9cA9Zr59yAAQN8lTfCb4So1EZcMKE7hOYQP06crdToICuKIj6krVIHwMg4kIcDxM9TfU8nPhAVQ7w5hzcx/4QdEqut62uTVcpaIw0YMsDNw227p7YcAEgJ2eEfyS1kR5HMwaIHXEmSIV6SBBcSTMjmSytkVNuBWsdqwQHiuEmyIRuWjDUOdDQoJF2Al7VFphqJMEjCJEZpMsCtxTRaJ4wDxoFO4IABbifMso3ROGAcqAUHDHBrMQ3WCeOAcaATONCnEwZpYzQOGAeMA3XggAFuHWbB+mAcMA50BAcMcDtimm2QxgHjQB04YIBbh1mwPhgHjAMdwQED3I6YZhukccA4UAcOGODWYRasD8YB40BHcMAAtyOm2QZpHDAO1IEDBrh1mAXrg3HAONARHDDA7YhptkEaB4wDdeCAAW4dZsH6YBwwDnQEBwxwO2KabZDGAeNAHTjwPwmh0drXn6G0AAAAAElFTkSuQmCC"/></switch></g></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-44"><g><path d="M 450 315 L 459.86 157.23" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 461.82 163.25 L 459.93 156.12 L 457.16 162.96" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-45"><g><path d="M 439.7 154.52 L 386.37 223.23" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 388.13 217.16 L 385.69 224.12 L 391.82 220.02" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-47"><g><path d="M 365 120 L 422.77 115.19" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 417.1 118 L 423.89 115.09 L 416.72 113.35" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-38"><g><rect x="195" y="55" width="180" height="30" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 70px; margin-left: 285px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;">Bootstrap (Management) Cluster</div></div></div></foreignObject><image x="206" y="63.5" width="158" height="17" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAngAAABECAYAAAASsEjFAAAAAXNSR0IArs4c6QAAIABJREFUeF7t3QXYfc9WF/DB7sRubOxuMUFRFFTE7lbsbgVEwQK7W7GuekXFBBQVFAW7sLu783x49tLlsGv2Ofu85z2/tZ7n99z7f8/eM3vWzKz5rpy3aUXFgeJAcaA4UBwoDhQHigNPxYG3earR1GCKA8WB4kBxoDhQHCgOFAdaAbxaBMWB4kBxoDhQHCgOFAeejAMF8J5sQms4xYHiQHGgOFAcKA4UBwrg1RooDhQHigPFgeJAcaA48GQcKID3ZBNawykOFAeKA8WB4kBxoDhQAK/WQHGgOFAcKA4UB4oDxYEn40ABvCeb0BpOcaA4UBwoDhQHigPFgQJ4tQaKA8WB4kBxoDhQHCgOPBkHCuA92YTWcIoDxYHiQHGgOFAcKA4UwKs1UBy4HQc+aWvtB7XW3tpa++u3a7ZaKg4UBx6cA1+8tfaNWms/r7X2Px78W2/xeR/ZWvsqCw39zdbaF7pFJ9XGdRwogHcd/+rt4kBw4B1aa7+0tfZFWmtfrrX2scWa4kBx4I3hwFdsrf3p1tpfaa19j9ban3jykX+u1tqXbK190dba27fWvncabwG8B5n8AHi/vLX23Q9+039trf3H1tq/b639ndaayf2TrbUPuSz0f3CwzXqtOPBaOPDJWmvv21r7wa19/M0wQN4Paa3952kAH9da+4Ibg/EMYPi/bzjor9Ba++gd7X3K1tp/2fFcPVIcKA4sc+BTtdY+YAJ3/7O19v6ttZ/wANa8T95a+9qtta/VWvuyrbXP31r7HK21T9NaI7v+27T//21r7Z+21v5Ja+1vtdbIJGCVovqvNib+UyR559ECeA+yUwLgmXgWCGjcQeNw+Aw3+MbfOy3yP3uDtqqJ4sCjceCzttbe0lr7GpOS8x1ba7+j+8hvPFn0vlhrzT97jSu3J89Rim5FH3QR0O8x09ifa639tdbaX53+/ebW2v+6VafVTnHgDefAu7fWfk1rjeL0R1pr/nsLIJ3BMmf5D73s9W/bWvu0Mx3Y8/+mtQacAadr9Hcnl+uS67kA3hkzeIM2l1y0P7+19v1T+6xzX36mPxNLE/gC0+/vOuN7pyF8z9bar73B91YTxYFH4cDna6192KQR/6eL1fqdWmsfsePj/mJr7UvMPPd7Lha3b7rj/T2P0NJp4J945uEKy9jDwXqmOHCcA4wlv28CeZSpr3txYf7j480NvfmpL6Dtp1+scd+32/8fczHc/O7W2h+YFDygMxQ7CicvA+WTte/dWmufvetVu+TcHBXAG5qi+z28F+Ax3+6x6H2iyUQNIGYrBeT/1Xa6jO43+uqpOHCMA59zAnMUG/QtJ0ventaWAB5hKzD5b+9pZOMZgd4/YOGZAng3YHA1URzY4ADrOSs6AvK+5mVP/ouTuUax4zWT8BFE0ftRA/LJe2TEN7mEjPyk1prYQuT8hwPmqADeyRN7tPlbA7z4ju918fP/ku6juJ+4od4EEo/1cybNjZXn3vTS/d97vPfsj+Ly4ZPCot9f1Vr7bgMfEADv37XWPl333s+8uHp/xEBbc49+pks87d+f3C4E8qfvHiqAdyWD6/U3jgNH5SmvlbANxF37jpeQJfF5Z9DnnmLf/W+QTFdnLlfsERKjJ77+k7TWPssKQH0TAB7rJivoT7kw8icfYeZLvHMWwNOuBAuWjiBWvM98iQtwsD07/eVJi2KafwmA99L9P/P8/rTW2o+ZBijBiNVtJJkoAB7t/hu01t42MYvbhICOBI0jfBTY/VMnd8qvnLHkFcA7wtV6503mwFF5KoxDuSRACbGI2Zu3JkonMJfDqP7SpIQKr7qGtCNLVtbsP1po6E0AeL/okoDyfQrg/b8V8JsuQdzfplsQX/rizvoL16y2V/CuGAYWHvQSAO+l+38FU3T4Ewk6WWURfvCBU927kQYD4AnElrHGfZJJNjtgdoQIWgHRkj9+waRxO1QyFcA7wtl6503lwLXy9BdO8XD4RyF0Bt66RmYodXmOfPcfu8GkScL61lOsMdkyR88O8MQfiqGUrFIWvGkFSBn/gd1qEHz6R2+w6B65id9w2cDfbvrAlwB4L93/I8/Ntd/221tr32JqREkTGjp36AhlgMfUr6SA2NUgGeey2I8QDZOmyQ0kG/47TVaDAnhHuHmbd77UZKX90Ns0V63cmQPXylNxcTmuluVeZuutiAdAWZOcKfvbpuzdW/Tx4y/JGu/VWvvCU+LWmwjwJIkqf4UK4E2MmKutJ3uQuftZiQv6H17qoqk9hO4N8F66/2edV+NS4sTaDQuYoqZf+cCAM8D7LtOtF+/StfPVp3iakeaBRKVPCOLfOmndAGRZ8Ea4eLtnrRf8Z/34G9P6uWWdw9t9abW0xIFbyVOxW2K4kGQqyhfF7hbEAyBrNhN58sG3aHzKxOWxYH1cWr/PbsFTTzSU7gJ408L6wxdr3ddLi0zsnQDw0SBTZVhk4H6eKYbPAfsvp7gn1cKvjTG4Zftis8RoBY0CPALFWN9uCsBXYsZYgUaHBE1wrWbZtf2vyQSa6NeZ3JO/bOFBtZ9kcHn2M07/xJ8I9ifQ/tQNakKZf4qCDccVibg6uU7PdP//jEtc249M46bZvs8BIdoDPOVV+vp3rAbfYbBtmbw0d+QKIby+FuDdYz5jmEq6OAT9M6//4VKuQc0+e3z06idxjNahwHDrUAagYs7/fGrzzx8sKm3tKSfhphJlJCTJ+DYFYu1N32sP/8TLfv320+Eoc5LnYq9i67vFUuGBg/NfT20rHn+r+GVty+r8vFMAPSs0eb2W5clNRfEgm8hx8aLm5uieI3cV3w25bn707zClqNwKDJsv+0EMmbNHVilr6p5z41bytN+H7z3Vhx3c4rOP478bJYLMi7X532/R+M42HhngkWFfaTozyALrStKJeEJnknMVeF2ir9op20cB3r3Wu/OWe54c/eCzkiyYiwk9zA0Si5Br622tHULxxyVQMfc84crly4Q8msxwq/Y/23QYO5BDS1sb21xBW66+95vcfzKWlkgdIs9ZZEFH+1+6S5Ab8ltNjVsf/r/7VRXzRQ6xfpzf9XKA/ugp4SC7G/txAKy/5SJcf1hr7Z/NDDIylebGb3O6IcI1QDl5Jz/LVcFi9eu3FteB3//edBjFq0evI+sBHh4ro8DyFoRPDr45Hi19esyn/WBto6MA71bzKQGFAJ0jIIZlgzBiyeT67jN+vedA9vsf35gzVgaZig67rZJOBDvZIr5oD7HI2wOqA6zdSkL5coBE/UHgjJK7dW2db+cGYo0BuuYIOLE3zakbBnr6Q5eYq68/83fxwBQzPCGjzO1cTVPtU9xkcQPXyDvKfYilBu4iWSB3g+fALCVrDwGwAA4r01zBb22I9ZJR7syYU2glNQFsPSnsq3oBC5k1I1SGbO3JAU9e9ZUePHdUnq6NHcCgcAVRBgDla4mMIJcy3bKe5t7v2wvwlm71If9YvHtSF1Ttvjli9MgZw/0zijc7C1yhNidX4nkYwhqmaAfBLRRm+0Ui3Fw90dwf5d96mqNr17v7jdVUnCPhH84TZC1Y/995Umr97d3OAng2MAEaRHMWXLpHCNj0Nh5BFGQBqO9D0yRsbWACImcg/upJAG9pLrdun3m8D5RfmI+P/3MP8GiXik9GyQwHok3q2jff6pD0Tgj+XzGBnOjjaP8OKqBN/98vfTCgzPJoc7FGWkSZ5gBe/gYWx981aeE2oUNCewEatWWjs1T2FgNzq5SAA8nmCgudd7Q1J9TneM1FSbiPWn6W5o3wyYcqAMaicaT9HuDpM8ow5P5HLIQsIRHbmt0zRwHereaTsgJs+j6uylyfi6Li79bBFrHuqMclo2+J8iEDZLF4EdzWDcuXfSRG0TVNQRSGn7vRuX3Hwhrfbs5ZSlmByDUHCcAk3jHLI99s7Plgn+vKO/Z7uPu1z73mPdnU+gWy4pBStgKgsscyGZ/+ADFCPg4lAEDSDuHfl+WZ+x4HqthpBxaQFOEma2xiRTI/9sUaKSdEtocSSyH7nRNIMT6HWV4Pv386aI05E0WQjCCjMqgFgH0Dfq0pmtHWXELTUXm6Nm48BJqz8m6+rnXT2lO9kuL7I8t/a1/d6ve9AI9ibp2wiuVvXAJ4+OVGDh4b/2CKWNdrAI/lPpQ9YwTo8Qm/7S/niPUTbtf+arU1UDXHsyWAd4v1Dmza085p6xqOCjIGe4/Bh4LY79WbAzyAkZVOdmGAR+65d955+bJ3bPhvNo2A9kbY0OR6kz3B+rO7S44JRu8umffPbp/liPAN2nLRErjcEXHoiFsEtnqQalHjqd96gJcX3Gj/8W7mF4DJ9eKQCDKHBCbL7BrAU2CXdW4OZDtMzVeQYtjvuSJhrINvnn4H8F0DxlIFGHJF+B4L3uLuA5dlqTqgbkGRvBBtAWk98N3bzxzAA4IJrHxlECsFV/eekAaHssMOCCUIYz6vBXi3nM/+W6wprlL/ZBWaT3/j/gNSadCZaLHkyBLFIcPKzYo3VzBa21yAUaAaCHPQ4v0cmQ/r3TMI0AAoPmrmYUDNoZLXhfX71o1vFssZLjbfYYx4ksnBCFBSbBHgBxCG9t53AUxQQIKM00FA1rCOsSyShcAjkNBfZUXu2u/AIVDtAKScA0944aYDh2gm1s2l0A3PqQeXbzNiaaMY97KC/GC9C/p1E3ieY6MDLievcLX5XmP1v+QEhdPa4JJm/c9eJWvOYb90F/NReTr3rVFqJX7zLWT5NcRzRRHMRDEW4nFP2gvw4pu4K7OLfAng9WMwTwFi1gAeHKBQM5K0xmhgHfTEMq3ax9rdueYpr+u9Ltoz1nsvQ1VK4PkI/GAvWdOs0OhqgMfCBKSwBtG8gAKuqyBuA1emsNjsIeDQwR8EseeYtrk2+nIsa1r52e2PCgQAB3BDrAxiJ5ZqoJk0FkxC0qKbo9H+o40eEBNGrGCseQ44BwJrn6u41gCeg2rJymKtELhhReB+NN4lMN4DvC2XKItvX17EJgcMr6Vf3CkSW2Bjrb85gOd5WVqAaqY9N2Q4pPHcgd0fGtcCvFvOZ/8txkqhWSIWpPdNPwId4tuWirbGIbOVQSiOksYd5MYPgnKOxNLlcAj/7VBdomxJ9cyWIgDIADTI+MjQJYtf7L/oe80VlwEeuYJvS9ZmAIdCl13DDkiK6lLMn/ZY13K2t/9m+ZgjfVijYYXUfp9YlN/7g5NrLP7GxQmY99QDvK3YVZYQpUOydW8NhB+Vp3M8wB9AI4jy1FeZWFlasz9RYlmOM3Epiqe8Jz0SwKNgZQXJvrG+l8izFLlQ4vrnjgC8s9Z7L0NhBZZ8a8sYAVUGgdg/uwHeyGIhqFgUCOc5TXepLZoVVC7WCgEA4ieWtKtoBzMNLJC9A8Df+nvzzm7f94wKhFx2g0uJAFojAowmsiQYRvuPvjLIEny65Aq1kADNPgaPtkLYcnmsUR/3p62lOLNRgKdfGnG+VcL64w64lsQxiRULAkx6MLa3jyWA92VmYrVYhObiqnJfMWYWFha/HDB8FOCdMZ+jAI9CwJqcY6issagx2fPb85QSYI2AW6Le/aKsTA5RyO+xLObYSK561oY1EnucQwvEWs1ZE8k5e83hiCgiYXVYah8/4iBaK9OTAd6eayZ7V59Dz3pco1wfznPqhC3FxnLH5xtaWB9ZLpcIuMxxtEv7bRTg6e83dtZ+6zKD+PxNR+Xp3Lh62bRnb2/JFKEDOXbM85FgtfXuLX9/JICXjSb2iHN/LYmCAYosn4tLxaMjAO+s9d7L0CWreSSGnALwYuEwF4oLesvl4BEft3RRcTzPnebap6CRK6CySTYmpTd/n92+fkcFAv7Q+hErZz5MjmzA0f6jjwzw1kzftCMaIvfKEeoDwcVXLBX9PALwuN7E9WS6RWmePsHCBh6Ju8zfswTwPMNCGsks8c7a9zPNi9UU/P5jO4uX948CvL1zOzKfowDPN0SR1fied0+Zwnu/sX+Oqy4XgOUBiLqV+VmW5nz3JgsYJXIti937eU/77yULEcshK04QkAlsrhF3Zc6u9t2+v6dRgMcil+NhxRZmkDr3TdYcC0JYwxyiAVbz88JLyJRwG1Ho4v8vjZVHKHt9yAiyoqcjAM+BLuQniEKwdG/zUXk6N673v8Th/fD0Azm1lrCzZ333a807irHPJeHsae/oM48E8NwUovBzkESMpRCMPeMdBXhnrvcRGcoz8CF7kyz4y+cQrveZN8V7MPHTcAEAroZsBic8dJhjMHrm0r5zID5LTAZ8a5PBoqWwclDOBI2/nd2+fkYFAvNqxBt6fytmZ2tBjvYf7e0FeFv9b/3eAwLuRXFBc3QE4GlHzEUOE7A28kG69Y1zv+fYD7+PJED07a0BPHGELAyZ1g6gCAh3oNt/XOmZ7g3w1uZzRDjFGPpDkWXx2gzpHuABkf2NO/rvlQWegfAurK2hXtkUtjIn97iSc5zhnpsH+pgrXhLAvqdRgOd9Ml5sFPJ+H5c3N2ZWO2EWQXPnCTd/LqWyx3IluL6PzQOu+ySOIwCPlTTXiDsjpnmOV/1tE+I5g99HZJJ3ZJb3Xp+1gsRH+9l675EAXh/rLe47wiC2xjH3+yjAO3O9D8vQvQBvj5k/M4dbgnCOqv/xG8uPbK456q0kewRetCO2gfswSKxaX27g7Pb1PQqwxBjKOA6iEdPyxGMdydAc7T/6fSaA18eysR7njOzRTS5uqI/7kvWaFYqRNtcAHjejdZoPTQcvl3lft8sB7FkJGr7FN/X02gFen9F4T4AnISMHZtubOQlmac77+DFKK4WzJ25bLvWgtXjHeKYvais2lEWqpyMAzxrPmbp7wEdfrmTuPAFw7cGgrRjJLAuzRdCe4P7OdATg9S76ewG8uUx56+mae6f7WrN4E+WHRmTStc8+EsDrY1WNjWVc1m62yO8d8yjAO3O9PwzAC+ZJIOgzJSU6ZBO5Z/nJexfuUuzK3MTQWnpXX948Z7cf3zQKsBzcEhr68gVicyQMcL/sLZDqG0b7j+++FcATdM3/z/Ugyw7fc2kA2mbOvjvDggcgUy6Ccl24vZs6P+dgYanItBaYv9XHGsDzbu9i8Le5/iLbUFAtfs/dE3ktwLvlfA4Lp6lCf3aF7wF4rGyy14UT2F/2FutPgA/ALcIi8HbJguc3MilnXcqUncvGy3MuRi+yXf19LkGAd4MClwERL8dWxjSZli1r9jue9PRIAE98m+SUINbwPQctF3Hmz1xZkdcE8HqXPH5wjct6PEq9V0o7W5Ubjva19t4jATxrRqKSciyZWEydp+LYnQlboRbx7ijAO3O9D8vQsyx4wRyC1YGWM1RoijTXvMkF5/Z+8rUA/H6xiUUCijL5W9TdO7v96PcIwOKWVfx3roiodgU8c/HImFqrNO/ZI/1771qAx0oh23k0hvAMgJfvDTS2uazfESEnyF+cWybFM+NuwpG2PLsF8IAS/WVgLKZGbE0QS58YHvElSzFknj0K8M6Yz2HhNAjwKA6yY8WoLRXQnZurNYDXhwksWeOiXXKG9yDCU+xXcqw/TFhde3f66Dry/FLW6CMBPHUGFYm+luZcj68J4PWllvDDXu/PrRE+/awZj9jWGh1pf++zjwTwfLO1IhRgqRAynpObyp9sJU2NArwz1/uwDD0b4GG2atI+LFNfq0cAbR+LxV2w92qeOTdazng7u/0Y21GAxeplYciAWiKmfAcYl+6Spn+0/2sAXq+xiAthuaVFcalkF8Q9YvD6DLxrk1fmEje2an6tCcYtgOfdPj7L32TTEloo11hiZRN3OEdHAN5Z8zksnAYAHhAucUI1d8TyJhxENj/LPjkSe2ZvDJ52eneezE9W6KXwCX1mVzm3UH9PqHYdPIBgpqyQrq2fPb89EsDr7yRX6BjYuQW9JoDXK57GL4yoXwcjfOkTB70rTjNbTEfaO/rsowE846Bsib+TmLVU9Nq590FTVYol48kowDtzvQ/L0HsAvLm7NgGArNWx6PWlBEbM17T3vtyGNsNtdXb7sTGOAqx4H8ADfgVf54r7eeNJzBDbOGdiPtr/UYAnmSbXGBK8zCK5ZP6+B8CTnJMzqPeUfFgTbLRssUaZ9mQ8LrW5B+BxswSYi3YUeY6YVlZJBZ63AtZHAd6Z8zksnAYAXi4XAciJ312qfTUC8PC+DzNx6wz3eC4yTP4IDch3FYvFU3x67naHOXkFpPbXTh09cB8J4EkSymVoRqojbI3/NQE8POjrLY54qeZ4IRSgt0A98lVlMYazCx1nXjn71QoE9PKdvfkZZdYobnMlu0YB3pnrfViG3gPgCfr8M93qlCmYb3yYc1nQxvuDdWnDz7nRtBlu4LPbvxXAi3bMiwUnOQCf+vIDDph8K8S1/R8FeIKn840Xa9Yk33gPgJfrIOnz2hg8cVfKRmS6JjN3D8DTl8Kw2S0LuLAmKpsSdxPO3Wucv3MU4J05n8PCaSfAwxMCOmQZq13OTO9lxijAU/YAeOOJyPF4DgPrwmHFEhP9mydZ27JblwLoha709T3VnetvsNgCOEu/PxLAk+mb7+nMisrR8cV7rwngMWj01+LlM+ooL3i+cgkZMX2MA1vXxh3tb+69R7TgLQFi5ykLcl8GaElujAK8M9f7sAy9B8BbymrJWh0TqizBnKWmmC5LxR7qL3PmoiF4A7ic3f61AGttjICuYNrsvp3LEtbGvS14viPiHMwfV/nSzRT3Anjc2NmSshSIvmddeUY8lxpfea9oPydy7G3Lc3sBXn/rinfFOXLnu8B+65YEz48CvDPnc1g47QR4imvnGzGAMbFJSzQK8LQjHpK1FO9lLgr/APwBPiDOoQqQcxNbb3vcbrksiT5udeuKth4J4PVXj3Fzx727I/tm7tnXBPD6DGiKgLjrvcH+S7zqb3zx3C3j8JydivArxL1UEPq1ALzgoe9lactF8f02l8gzCvDOXO/DMvQeAG/uQmTasGzBTIQj4RvkvkNBzntIwc98/544sNyWNs5uXx9HAdbWGGl6TPFZ65iL3zja/xELno0P+EQygCr7OXtwbkz3sOAprG3tBNGc4zq4LT4v/S5zUvZl0PvM3AG5t+29AE+2pMSjnDUJFMR/i7+ReLNGIwDv7PkcFk47AV5/nRgNva8lmHl0BOC5PhHgvlZZyN/h0My3rCzF6+1dV/m5RwJ4fYiObEaK4FbG8J5xvyaARzkzx0Hik3M5pD3jnXuGXGLBdkYErV0bN9pPuIEllUkum6PXBvAyn/L1cVy5iolnGgV4Z673YRl6D4DHXdFXCp9L5e5rXu291Ndk9HEy7njMV+N45uz29TEKsCwuGZNLtznkhcYlq4hj0JxLZ7T/aOsIwFPc2kEStFRtPo/hbIBnPROcuRTL1h22ewSeQq05fsOB35f/2dOOZ/YCPM8GsOjbBvy4JvtisP1zIwDv7PkcFk47AV5fDHnpdofgzSjAywJ+6U7UvXOfn+tjdSig+Tq8I23GO48E8Cilff26nDB0zThfE8Dr5/tju4Ls1/ChL/SvrWuL5sf3hIFmreD6KMDrZY0zkDzbolxwfunGJbHJwK7QnC0SyiGmPWjOGDAK8M5c78My9GyApwaV5Ils/RC7InC9z0Tj9shXrOy5m9XEGINMSXXzgtTAykHQ/n52+/roAdbWxc8AD/eOTbRFfQzHHgveVv/R5xGA511zKEYJOVTM90u6aPvL3mWX5gvRt3i89Htfb2pvsda59kYAnhg8rr+e9rqIRwDe2fM5LJx2Arz+hoAt3owAPM9yyXKlSdror5E7up689w0vcbYSNjKt3bU70tcjATzf3d+48GFTvbaRMc09e2+At1eezn1r71mQvenmmluQM1Bcbr6XVvy6+Pc+fni0P94K8aTiB7OBIbczCvB8LwtujlvVxlZx/z0Azy1Dwr+ENm1Zifv7v/dY8FSxyFehzfHzrPU+LEPPBnhcSJiWCSLu74mN3/n5BY4H7dGY32NKdY53ZK9ls2vu++z2+wult65bA/CAEindWwVUcwkGz9IU+viN0f6DN0cBHkAOOAdt3T5ytgWPkFPaImjLmrNX2PUb6yOn6/j2vp+fGwF43hP7xeIdpOQHcL+nWOwowDtzPoeF006A1+//rczivQCPsiLsIMIihEiIbeoVxyNrwDtc4lxr+TYLYB5o2ap3udXnowG8PrPd97uBw00c19DZAO+oPJ0bk9jDXHwXSMi3GF3DB+9arx/aXSmqSD5radSDPdIHd6/zlKU8xzbntkYBnndzvK//dl2gmpRrtBfgKRXzLt2VdHPtsnLmMLA5r1guSaUNNWlzYuFcu2et92EZehbAIxSZdPPdshjhyh7pyktWHgcXd1jc7OD/E8hL9fDEB0DLAp6R50xSX5g2JuHs9ueAANCz5EoLwLN0p2R8t5IxNmscNtzezPI9jfYf7x8FeL3bQVIMLbc/oCSIiGFiqZRBGHTLQsf9VUBKttjkt6A+rmLPZexL/Y4CPCVzWAyDJBDkS8vXxjcK8M6cz2HhtBPgyRh0WIQlGT/m6hSSKZRN6zArJUuFjlntxDz2BcjJFgfmknVAXKpi7sCy/c1atUTKqMjey+Q9NdPItTUiE5aUwkcDeObGePo6nw5ioSf9VYB53BJZnFP9TUeeORvgHZWnc/PGU5PvMr7GGri0LsQ2khXaDlJ6R+B/liF7ZCLrH1AnoQuJIXS15hwdAXgKDec7oLnxAad85ai+zL2beoBj8XER873komXBs66A3XeeyVaP76dg6St4BWtw7/bUrzEYg2elv5ghv3fWeh+WoXsBHkG3lvlkE/J7GzhAAxnng9zgXb0lSHPLDGtBSaUPkEfLFZzqwI6yA4COYGoDjudYNABKQnWNzmyfAGPdyaT0gW9nbRMbBpTiD55mixZ3DSud2IEQZnhIA7PRomQGlzfL5pxwH+0/vvMowFOyQyxJvnXBPNhcNgLXPMDNXA702UTZGjUC8NSr5bYHAAAJ0UlEQVQHZJ3taxVpgwCTTRnEvS8r8Ra3BWhTdre28mF/tDDtKMDDW6BCWANFQSjC3vJBowDvzPkcFk47AZ75kVTRu7u45/Ha4UOxE4tpP7k1JodErN1kMRc/vCFePsHPHz3VtlyqmD93NZ1GyI2PmcCrkhfkHEu/WCVlMVgXc5JG7vjRAJ5vc0iTd9li6e+SLvxdzVJ72xyR77Lz3UjgPUBYrcOtw3fpZo/83shdtEflaf+d5F+ucWg+nZfX3EO7tA4BF/e9S2TM9wk7l6x9dfKsnd7IwkgC1FlT9gdZkGktJv4IwIMTPnxmENaAW3qsAzxyZhoH2WdsochtATxNKyGjqoIxh6taGyp0kEdhAGAZdM7O1c40NjdfZHDuG8kciokzzhoV95+VuTPW+7AMDYDHSmbhOyz9ky48ct3PmtCjuUHVa5ps/76AdtaEHHQMIJmkmPj8jjgZQe85hm/tm85sv9dM+u8AzNTtI9h6l7FnWQY8438t7gyegD8m47WCqHv7d2AA7cBi1syAS0krDiT/8HRNw2YRcRAuKQvGRICzqthErocJApqAQXzo3fb9NVHxDguJA4xwtOkE7AZRHlTKV5IAf29JQDrQGLQ3iFnIAXARewvgNae+j8Uz+Oww72Oyoq+IM6PB9iEPeYxqJxLQAIB/+srZdZ4FesypfwQggJNd/becT8JUPKxvUtMxW3DsWVYF46YkmFdkPvHLYUOj979BXPAOqY/q9rp9Yh31h1LmjbXm0LNWAWSAGTnozIPvsXYcfkGAPWVzKeRj7/pyQIgFXXKV2dOSwAC4PQT8iYtycAUpmhv7mUIccgOYYPWlXMXcR+wsS6b5YbmgJIUC43cHlnf8s1b8zXxaV/GOmKxc2oqVB6DljpxTQgA3F7/Lcl+TFzEme5xhwPrPyhqQqCi3IPlsBTJ35Atwr/ZqyC2gwDdbS/ZwFAzXj7FxFQNA1mLvbdkrT9fkTW+F36rVuGcNbD2D1+bHvrM2MjlbKNz4AzyREVmO5meBH7zhZcryyf5xjpJr9p3QqyDy2byRL/5ZQ3NhByxtsMEaseyJbf+ACRDmZAxt2/dkQuALbmSgrifrxxwBZHnNUp7xaA2fMEythRNYM842iVKZbrHe4TCA1DlNHmZDW5ydzhC8YAz7/8K2YpP112tsLZ7+d41iHquNCTGhNstbZ26oGGn7HSaUDejR6EwOQcPcTeOjAdgsBP4ROqN9E2KREdqR6UjbIHSYhLmpWe+QZ4FrwsqhBljT9iJZAT9Z7AjNvIjXxrq3f5t27Wq06MP39q72vn9joDUCGObI+IzZppGgEAu/vykh2pkrGdADPBuMYMcjwE65kAD9eET4ACsSbs6gPtZryU3e9+17aHNbZJNm12F+noAG6m3ytWK4+UaHrf7id9b3vujurebTXGXAtPRNBKwiy2iurtfce/13Ww/c9A5T/TrUKYRkEb6InYm4xYgr6tudiwvTjox8B9w1BNjk2p99WxRX4Ss8DIS4w8HBC/hS+IRo2LNkKkDcUx/fuvStUcGAywsQ20PxjgMdP7dobS17VzvmiVw3V2QGSwnAARiSdw4vY82Z+tFvBuhL3yL+WykhRMFg1d+iucLhe+XpWtvmPl/PxkJGLt6DrF9y17qKM4YiAdhRAigA9j+ZTQGhjJCn4kHNdVa+8vfuPT+8k+eiHzOeUyqteXLd2U5mfsR0XjrjIxyiLy0UbcmEfdfUMMXW2qJUUUgYVLRtvNaTMRoX7OCc6eXf3LzYm844yhCesuLhj3Xq3FmrfXnNeu8tzmtr5hMkl+7Rou6xCKuP4kDPgR7gXXtv47UcJuhpSHHfqUOG4Li2UOm131Xvn8sBSiDlyuEA6GzdNuHgZNXg0soJYw6E3pJy7pdX64/AAWCArIiadxQ1oHarxNEjfHt9wyvnQAG8Vz6BT/z5PcDjBmDFeEnq75OUfLHkVn3J76y+b8MBrkTaOXC/J8sv98oixyXqMA9imQ/r/W2+sFp5dA4I9M+u9GvusX70sdb3PRgHCuA92ITU5/xfDvQAb+TqurPYSBvnPvItiFtMPbOi5+MAK5ywCq7DPdfCzXFAHBL3cwG851sfe0ckTIUVGAlbEmaxVZ9tb9v1XHFglQMF8GqBPCoHeoB3ixspbjFWcR0ShyJLXIxEn9p/i36qjZflQA6uFwzuSrRRktWpFiMSRxflnEbbqedfJwdkaYojRGIpxcIBeUXFgbtwoADeXdhcnRzgwKMCPENRp8zdjEgWFq382uK0B1hUr5zIAUlc4j6RAHkZtiMk41S8VWTr3vIe25HvqGdfhgOSZFj7I2ZXGScW3aLiwN04UADvbqyujgY58MgAz1CU3FCXCMnukqW2JxtrkA31+AtxwN3K6rAhZRdk946QzNv3m16Q+S9rVTmWoufngAxvrtkoaaEMlRIyRcWBu3KgAN5d2V2dDXDg0QGeoag35q5G+8j3KrZbIG9gkh/4UbUg1dZErLNCBPYUmI6yGgoYs+KhrftxH5gN9WmDHADu3DOrRp8MezU51RQsKg7cnQMF8O7O8upwJwdeA8AzFEVT1XlSHkNdJPXy9hbc3smKeuwFOCBeTn1NN4cgtRoVDJYRybqXb+SRHeumGQWR1V6LYqxKYQB3Lmoven4OWANK6sj4V3NRLdT+Krrn50KN8GE4UADvYaaiPmQKQpdxJqaNcMyV/d12IaZFEVUHrEr1S3ca35uZQACQp0Cwgt8KWy7dh3zvb6v+jnPADRlxp3aWlbIgFSH3v24AYLXJBPy9ZXLjqzBf9PwcUMxcjUS3JHDPunVg7cah5+dIjfDFOVAA78WnoD4gcWDvLQZembuB4SWZyR3nShsZly6wnrtt4CW/r/o+zgG17FxNB8CLy6N4AHaKH8uOdA2SSvbKqciwdq1d3H15vNd68zVxQIwlJVS8nZuhHkX5fE08rG+9MQcK4N2YodXcG88BV+IQ7mv3977xTCoGFAeejAO1759sQp9hOAXwnmEWawzFgeJAcaA4UBwoDhQHEgcK4NVyKA4UB4oDxYHiQHGgOPBkHCiA92QTWsMpDhQHigPFgeJAcaA4UACv1kBxoDhQHCgOFAeKA8WBJ+NAAbwnm9AaTnGgOFAcKA4UB4oDxYECeLUGigPFgeJAcaA4UBwoDjwZBwrgPdmE1nCKA8WB4kBxoDhQHCgOFMCrNVAcKA4UB4oDxYHiQHHgyThQAO/JJrSGUxwoDhQHigPFgeJAcaAAXq2B4kBxoDhQHCgOFAeKA0/GgQJ4TzahNZziQHGgOFAcKA4UB4oDBfBqDRQHigPFgeJAcaA4UBx4Mg4UwHuyCa3hFAeKA8WB4kBxoDhQHPg/zUsizZveaGoAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-51"><g><path d="M 75 155 L 202.82 184.5" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 196.57 185.45 L 203.91 184.75 L 197.61 180.9" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-52"><g><g transform="translate(-0.5 -0.5)rotate(12.9 137.4644844066022 176.96467086355733)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 177px; margin-left: 137px;"><div data-drawio-colors="color: rgb(0, 0, 0); background-color: rgb(255, 255, 255); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 11px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; background-color: rgb(255, 255, 255); white-space: nowrap;">Bootstrap secret</div></div></div></foreignObject><image x="101.5" y="171" width="71" height="15.75" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAARwAAAA/CAYAAAAyu3fMAAAAAXNSR0IArs4c6QAAFaFJREFUeF7tnQOU7MzTxmtf27Zt27Zt27Zt27Zt27Zt+/6/X59T89X0TTKZZJLdM7fqnHvu7mzS6X66+yl2pqdfv379xMURcAQcgRoQ6HHCqQFlf4Qj4AgEBJxwfCE4Ao5AbQg44dQGtT/IEXAEnHB8DTgCjkBtCDjh1Aa1P8gRcASccHwNOAKOQG0IOOHUBrU/yBFwBJxwfA04Ao5AbQg44dQGtT/IEXAEnHB8DTgCjkBtCATCWWSRReTee+9t66E9PT0y1FBDydBDDy2jjz66TDzxxDLDDDPIkksuKbPOOqvwdxdHwBFwBCwCgXDeeOMNeeGFF+TNN9+U119/Xa688somlCAWSyAcv/r9998l7RjWtNNOK0cccYQstdRSjrYj4Ag4Ag0E+nOp/vjjDxlyyCGbIPr4449lnHHGafoMsvnhhx8Esrr77rvlzDPPlM8+++z/G+7pkZNOOkm22WYbh9sRcAQcgYBAYcKJ8fv1119l1VVXldtvv73xp0EHHVSeeeYZmW666boObsaJNbjTTjvVNjasyqOOOkqWXXZZmWmmmWp7rj/IEWgHAfWStttuOxlppJGabu0Y4dDq999/L5NMMol89913jYdsscUWcvrpp7fT3z5/LdYd4/zzzz/lk08+qa2/F1xwgWy44YZy9tlnyyabbFLbc/1BjkA7CGywwQZy4YUXyttvvx32iZWOEg4NsyHYGCqTTTZZiA11k9x5552yxBJLyNhjj10r4cw555zyxBNPOOF002LqsrEQZhlrrLFCjLcWwjn88MNlr732asA47LDDyk8//dRVsK644opyww031Eo4L730kkw//fQBR7dwumo5ddVgTjzxRNlhhx3CmGohnGOOOUZ23XXXBogjjDBCcLW6RQiMjz/++PLPP//USjhbbbVVwzV1wumW1dR945h66qnltddeq49wIBtIR2X22WcPbkBeIT6CNufft99+K7/99lsIPOG+zDXXXDLyyCPnbarpuk61u99++8nBBx8c2m7XpXrllVdCEP3LL78MhDXccMMF85Mapsknn7y/7KAOADMVklNLsROE899//8mjjz4ayiGWXnppmWiiifrD9dNPP5VXX3019Bel8fPPP4faq3HHHVeYV/4vKh9++GFYFzzj77//ltFGGy0EwtWKK9pu1n3gx5jRvPw8+OCDyyijjCLjjTdewD/OxGa19eOPP8pDDz0kZHDBBkue+1mjY4wxRtvdB4Onn35a3nrrLfnmm2/kr7/+Cutj+OGHD3Vu9I9+Fq1vYx6ffPJJmXDCCWXBBRdM7R/jASPmnETQiCOOGOIwuPPDDDNM5rjuu+8+WXjhhRvX1GLhzD333PLYY481HoqLtccee7ScACbwuOOOk9NOOy0AniSAPd988wmbfqGFFmrZJhd0ol0W1HnnnSeXXHJJ2KBZsvfee8shhxzSdAlFlWSzINE0GXjggYMretBBBzUuYUGfe+65ct1118kvv/yS+VwWLAFsFlQsbORnn302fMxYMHtpVwPelDVQ/KlCH0444YRMy5S5oMiT+YIMrSSVVvD31VdfPfxjTbC5koTFTSYOt7VTAlEyL4wZBZYmbK733ntPsMrTBEKgreuvv17+/fffxMuI7zFGCmFbCcR76KGHymWXXRY2eJZQrgLeBGWRCSaYQLg/FsgUAkSpEbzlnueeey5clrQ++fyee+4J6y9tXiDn9dZbTw477LBA0ioorssvv1wuvvji0EYaJlwPN3Q0aIz2pspYBcZHq8PSWQL7UiT40UcfhcsINK+//vqCeTbYYIPJBx98INdee21TNfTOO+8cFuZAAw2U2nSn2oW5SfEhaAC1NAYZZJCgeaxsvvnmsu222zY+IoC+0UYbhSJJNBZ1STPOOGP4+Ysvvgha8tJLLxU26dZbby2nnHJK495VVlkl1DmRDXvnnXcan2MVsTmsvPjiiwJpsWHQZJAK/yNYInx+9NFHy5FHHhlI2EpMOJplwLJcaaWVAhlhzQ0xxBCBcPfff/9GzRVa9/nnn+8v/fn+++/Lgw8+KAcccEBjU7BhCCZSLoFFQ/ssWOY33my77757KB4tK4x1gQUWaCiK+eefX9Zee+1gLYArKVw2uyqDr7/+umlD2effeuutstpqqzVIC2xWWGGFYIHgarO5H3jggXALWF111VWhhCFNKLAlyQImCAWz66yzjkwxxRRhXWP9kXChHX5Gjj/++EaMhL4+9dRTcsUVVwRlqPLuu+8K62GXXXYJ824liXAOPPDAME8Ic0QGFMw4RcD6O/nkk4U2EXC7//77GxYxZI71g5Cd/vzzzxuPm3TSScP+VUHxdYxw2BCLLrpoWDwIJHPXXXfJbLPNlrlm6CBA4z4hAI4msh3VBi666KIwQSxSJGtRVtUuJAD5Ia1cKgiUxcOCwhVBy8QERTtqisaEo+OGtMFIJY9LReAO0kFY/GhbXBi0N0QOaWF5sUjSCIc5xd2L5eWXXw6uj1aaY3GyaJPEHpsBr/PPP1/mnXfe0CcVNj6bCivQWrdnnHGGQOBlBEzR8AjEz9qKhfWEKwBZpBEOhIQyxdXBukNJrLnmmv21ZbO0KBXmLsn1xCpYa621GvfjBWAZozSS+ocSwIqwhKPXkcCwFiFkwViwSqaccspg9UIckGtMOGC85ZZbhqYIV3DfNNNM09QFSAXrhHlHZp555kB0sbJHWVpl21GXik0ESdCJm266KbC7MjVuz1lnnZW4uWIwl19++XA/AjAwOhowTXbbbbegqREGjL85xxxz9Hd5Ve22Qzho6D333DP0jcXFIk0TJpmFYi0cvbYs4dAOC42+QxQaB9AAfxLhMK/qhiX1GW2FZYOgVNSaiq+1hMOzs1xSNjUxELV22LCQ3qijjpqKW9YfIAfMfzYMgjuE1k2Sa665JhSuphEOY1R3A9eC9Z4k7AnInGcjED8kYQWljAJRN3nllVcWnp8lKDnmLw/h0B5JBkgC0kHU+7CE89VXXwVLRfEmbABhJsktt9zSZK1BcuwxKx0jnLyzjauAHwgweQTWhYFVIBLMwCxhQsccc8wQaER41tVXX910S1Xt6vPyWjhYa0oyaO9jjz02dWi4HyxSrMRYOkE4SefeUBDETNg8NoaDZQYpZQWFtTSAvmZZeu0QDm3hrtk4FqSI+1xEICtLMBrbSGqL9cRmRkPHR3vQ5gTJVR5++GGZZ555UrtEUFZdK8IKuOFWcKtPPfXUxkcoWcIIWULsDeIFD0076/WxhYPLg/KKhTnDutUYIyEJvASEgDBkay1Pez9WKF4L/yOsbSwuKx0jnPjwJg8hOETcIUkIIsJ+22+/fWL2Q++BnAiuqeB35jkGQcAYUBHiKEyGjaBX1S7Pa8fCsYQDGaNlsmJOaQuuKsLheWw0zPh2+7XGGms0DvliiqcF+tslHIKgBENVsqynzB36f5siJhyC70WC0daqBissArUckvpgSxj4O/EdlCSCUiF2pVaFDei3Gg/WCTGoxRZbrOnSvITDnkXxsGcQa7VhDT3yyCOZXZhqqqmCW4YkFfR2jHCSDm/yUHxfUrZMLOYmkXv7mgsGxubHx0/yTWFhNDvCgofAstwpRQMryFoLMaNX1W67hIOmRmOrEIwjAJemRXqDcFot8rS/V0U4PA+rS4OUbGxcojzrIu4r64nNra4+wV2sUzZXO2IVHFYGrkiW7LPPPiHzpILrqRmrxx9/PLiNKlhUHHIuI3kJxz4DRUMmSy0W3EniaFmCVUcIA8HaYe9bqZxwkjoHS9J5MjAq+Lxka+IaAhaDFgUmmZ5pg+dsFlpEheCoZpH4rKp22yUcgmaYsOr+cT/jJBCK9WM1edZEV2nhZD2XLB8xF9LnuCNoZ3XN8On1yEonLRz6s8wyywgZIRVc5KRge55NGh+1QbHR/mabbRbc16TkRNwu1omuZ5RFK8IiQ2ezQyhV4ppIvCn5ncB2GSlCOMwdCQ0VxogFkyUkPXS/spc1eaP39Arh8HCCf7PMMkvTRiNOAPGo0FksIF3AxHK0QrEV+HGEHytC03pVtat9asel4h4sGkuGdmyYtASTIZ+sgsa6CQdLFd8ewswjnSYcSiLISKqQXbMxlDx90muI+UEQSef5yNiR2uZ5SghJbRPTSQsf5OmLtcBZpzajR0o+KduVp129pgjhEORPSra089w4LthrhEOnbfyC38nCaFqN36mPsAVWxDi0OKnVoG+88cZQ/6BiMwFVtVuUcLiP2AFxAHUT4vGxoHETcT3Vv7bX1Ek4++67byOoiDtD5ThxD9wcTHC1Uqt0qUjTkq5VoaDMVrC2Wh/x3yEd8KVWhWK4JEFBklllHVrheuvOlT2MvOOOO4aiShXW8nLLLdfukJquL0I4YGoTFFh8vNOqjPQq4eirFOwA8H01xYnvaGMZpAmzKnFtO2SlKMBSoYZBg89VtVuGcLgXy4tJptiLMoCkICuBdsgpDuDWRThkX6ymJ1VLijVJqiQc6mWo11Ghcl2Ly8psCGqzsCiI42A1xRqa5Mgdd9wR6oSsoAS0ghY3GJepqFAmYQsaKdqj+rqMFCGceK6p87GYF+lPrxKOvsLBdhxCsQVsEI4GrSgws9W0WQPGPdPybq5jAjW9x+9VtUvb7bpUSeNg8RJcJ1hoYxVcy2e2eIrP6iIcrTDmmVSUJpXN63iqJByUiS11wNW25RNFNkN8D5kj6k7YJJwbUiHFjytpU+NUdWuANClY2k5/qPS2R306UdxYhHDICNujFyg72ikjvUo4MQgMhIIne+6GRURAEKGMutV5IQWDDACZABViOmwAlara7RTh2EklVsFGV21LWQCLwUpdhIPbS6AYwWUllpMmVRKOTddiXZClajezl3fjUHvCZiN7pBKnz206mGsInGadt8p6dmydUzpiXay8/bbXFSEcvA2ydiqQjxZyFukD9/Qq4QAi/qoKfjALx9YvEES2xUNkAiwIaQOP7yM2Yk87V9VuFYRDm9aFACetUtXx10U4VOXqERMCqfZFavFcVEU4WH9kGfW8WjuxvaIbBReJAkF1myiMo+ZFhcA+Sk2FIztJBZp5nk9RpVW6xI7SDkzmaY9rihAO91ERrWefyNZxzAXFX1R6lXAWX3zxcJZKhQmyv/M58QxrmeBbkzVoJZi9+sJ2gplxNqWqdtslHAKupHNbvQ4UP14zFdQrQTg2jlMX4XCgEo2P8MoKUt9pUhXhUFZhYyhkdAimFxGIBFw5INsq/U2KWDNZ8TOpCrZfBrDuuus2ZdHa7RthBeZUJQ41tNteUcKhfMUeqeCcGcqvqPQa4cSLhgEkBSDZWMQK1IcmeMbmyxKCerwWQYVXWlhLis+rape2bXyB6mY9p5PUZzYlmTl1U9LGZdP8aD89AKvXE8OgnkclT7m/PbzJfWlf6WP7xFknDdzTD2pJ0iqQqyIcm93E2oM0UDBFRI+4UNDG5soSFANnrRCCpzZGGJ+PAhPSylgnRYTDt2SFVEjbcxQiKUOZp/2ihHPzzTc3ZcjAmbXGGbYiwiFZW1NEZT0HPa107LS4Nkr0nzSfako+53fSf0lCqhKNgTCRaKO0wipS3lRpar0OsRoOGMZnX2irqnbjlC0LL+1EvG5KCDirWMxuMtrX082KF4RsX+oE4d52222Za6II4Wy66aZyzjnnNNpN0ngQF9k2AtudLvwjkI5lrK5NGeuGQSjhcLyCA6ppgoUM4WjZP8Fy3A0rcTob95MNW6SWhUJQsoH2xXSk/SG6Ii81K0o44Ex9kz2kC0Fg2RZ5iVjsWRAgpxyko4RDp3Fv8EOxTnCLbAUipjnWTVbQzx5mIyNAsRzWjmV8JofNqKeNifWw8OOj9HZwVbTLYUwIQoXKYQLYWGpkMognaRWxEg4xCTJpfG7JkZJ7LDQNgDN2LKIkjU6MwWbx0MBaiwT+uAwbb7xxo19FCIf0syVGam6IX/BaBuYUiwcLkzHaepS8hX+4EgTE44pzNiAKggCqWoy8R4bgbVGtbwmHn8GKoyY2S8rnrCfmRa1Q3GAONcbCi7tw9eJaMYiCNQ5RqMXLfIAV546wrCDyWIjlcK+dUyw62oKMWE+0x5krFC0KnL5i8dkAN+0WJRzuRXkzLvtNK8RZseQpRWB94+YTKOedPPSXNUrNTnzukSNQlA3o/mfPk5Fj/YBfOBTMN2/CcJyI1XdmxNog6fAmnaVhPacSAwpgTDAB3DyvRWTjodE0WMjmw69Ws9qeuOVsCynN+E1zSRqs0+2SxkcLpLlJjJVoP+4J8QPrIjKRuEYQEBsLP14P8RH0xvSPTVAdk7XYksZJ7Auyp76H+YTg9MQy12PGQxL8y9JenMwGszQhzkNMAxyUeFmQWF1YEmwwax3EXyPNImTemF8ClKwf1p0ueOYbRcGmL0M29D8u3+cziIHXoNA2lowWY2JdY7Ux9jQ3kiwqx1JwgfO6qFiJaXPKJsYFwTKIjwkk4Q82KBIlRDYxJMTasF/FxDVYisw1WCedY7TtY+HxUrK8wWs8FvZfUnV8bCXH4yj83eLaEJoVJlaCgPVYfBz0ykM0tkMsOtLEEB4bms1DpSdts1BgYjZWq7Ms8SA73S4uDszNl+Hh31ObweTq2+TU6oI8GQsaidgIi5t0JAsFEsdKg5iYQCy6VqlfyItXeKhLiSXEaWO0ItYU/cpDwkmmrsUMK476EPpMST/uA/PKczibBFFAqklfxod1agOslnAgVUx4ND/ZEfBhflm4aEZOQeNex99llMp+Of6ARcULzognQECQjL7xkHnDcmQ9kZXLspbto1ibFBDi/mPJsL4gIBQJShI3C4uq1cvntE1iR8wtxXj8THvgTmU35I1Vxtqi4ttmccGzVRFiHvdb+0FSh9AHBzSx0rDY2d8U6zL/7GkUStYZQOaTLB/ZZ4wE1jQEz7xTw9ZfDCfHHPoljkBuBCzhsGms1ZW7Eb+waxBwwumaqeybA7GEg2uBpeEy4CLghDPgzn0tI2/3BVy1dMof0msIOOH0GvQDxoOdcAaMec47SiecvEj5dYUQcMIpBFvX3uSE07VT2zcG5oTTN+ahr/TCCaevzESX9sMJp0sntuCwnHAKAue3pSNA9Tm1NmSkKP7UWhFqSDiFTe1L3qI0x7m7EHDC6a757BOjib80La1TvBsm73eY9YmBeSdKI+CEUxpCb8ARcATyIuCEkxcpv84RcARKI+CEUxpCb8ARcATyItCT90K/zhFwBByBsgg44ZRF0O93BByB3Ag44eSGyi90BByBsgg44ZRF0O93BByB3Ag44eSGyi90BByBsgg44ZRF0O93BByB3Ag44eSGyi90BByBsgg44ZRF0O93BByB3Ag44eSGyi90BByBsgg44ZRF0O93BByB3Ag44eSGyi90BByBsgj8D/s2VPoBZx5BAAAAAElFTkSuQmCC"/></switch></g></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-53"><g><path d="M 51.9 153.72 L 154.17 402.93" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" stroke-dasharray="1 4" pointer-events="stroke"/><path d="M 149.78 398.38 L 154.6 403.97 L 154.1 396.6" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-54"><g><path d="M 29.08 155.08 L 89.47 402.83" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" stroke-dasharray="1 4" pointer-events="stroke"/><path d="M 85.81 397.67 L 89.74 403.91 L 90.34 396.56" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-55"><g><rect x="20" y="235" width="110" height="40" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 255px; margin-left: 75px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;">Deliver cloudinit <div>for nodes</div></div></div></div></foreignObject><image x="32.5" y="241" width="85" height="32" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAVQAAACACAYAAABUSpE4AAAAAXNSR0IArs4c6QAAIABJREFUeF7tnQWUPU1xxS/uwd2dIMHdXYMTILi7e3AIbsGCJRAsWCBocA3B3TVAcAkeJFjmB905RTPS817Pe7v7bp2z5/v+uzMtt7tvV1dX1RxCFiNgBIyAEWiCwCGalOJCjIARMAJGQCZUTwIjYASMQCMETKiNgHQxRsAIGAETqueAETACRqARAibURkC6GCNgBIyACdVzwAgYASPQCAETaiMgXYwRMAJGwITqOWAEjIARaISACbURkC7GCOwDBM4m6Yoj7Xy6pG/sg37s2SbuAqEeXtLPR0bgHyXddM+OkBtWi8B7JJ174OEvSjpVbUEH+LnLSHpcwuLQPf08p6QPHOD+L961XSBUQPxzSaeTdFpJF5J02YCsCXXxabaRCk4o6YxpjE8v6RahVhPqHw/BYRNOT5N03vAnE+qaUzUT6j9IusmKZf2vpF9I+u9uEn9T0mclfVzSOyR9WNJvVyx3qdfYpV87k1CPJQmMLpb6hkb76aUa6HLXRqA8lZhQ+yF9ebdGr1RJqIeU9AhJN5b0A0l3kfSKtUdq/QIwYzwjad3/ljbSH69f7GolZEI9i6QLp13rNJLOLuloqxX5R299S9I/S3qipC83KK9FEasQ6gs7Ar1mqPwzSett0R6X0R4BE2odpnMI9ZaSnhKKRYni1PeVuqoWeeowktgsTxxKf6qkWy1SW0WhQ0f+J0m6TXj/J5LYCaJwbDimpGOkDp1f0gU6Te5EPfX+Og3G30j6aUW7lnxkFUJF8z5e0ajjSvrOkg112SsjYEKtg24Oob5A0rWKYlEyXlxX1SJPYcJDuYnCyRGTz1akllB/NENjxUZ5d0mXk/4k+crn0y1jCcImO78Kob45HfdzO7+bCHavmTM2ieNersuEWjc6cwj1vpIeFIr9nSROth+rq2qRp44oiVPwUULpL+vMcldbpLaKQpcg1Fwt2uqLJJ2gaAdkBOlui1RXIVSONq+WdEpJ3+/sxNeW9IYKfP3IdhAwodbhPodQIS+ev6Sk30i6j6SH11Wz6FNXlfRPiVQ/2XkpXKHSvMhmwB3PA7vWPaBVC5ckVNp4nGS4Pk/RYDRVTAjbOP6vQqg0H6M8thr89H7VagBcziIImFDrYJ1DqLlEFCRMgPzsFTlcZ1LEBPdVSWjONYI9GLvwviLUTKr4tkXDMb/nour2NT1v/MyqhNq4GS5uQQRMqHXg/qukK4dHd8Vt6kjJIwlTwb4jVMaLgXpvYVPlogqPgi/VjX2zp0yozaDcswWZUOuG5l8Ke+OuEOrNOlMkUWHIviRUGl7uhvzu0ZLuVjf2zZ4yoTaDcs8WZEKtGxpcGrkPyLIrhMqJGdfQfU2oDNb7inHG5nGSurEXoXLnSr6yx062EhyMPyHpgzPsmgeVUFvhUzMc2L+JsPlC99/X17ww4xls1WdOri+45XEsw9aOszbeJv8pCRv8/4yU2YpQuYzk8oJ2HDXZDb8n6aOSPjWjT9t4lPuRv0jRYwSmHDngiO8ol8L37+4Ebr5lQuWil5BhIt247GJOvXVBGy33Oe8Ofd63Gip9+K8eWyo+Y2NRR/i53jtFcjGp+wQDOWF0D01RHGMTuJZQ8aeF8Pvk2z1+qRdJE6Fm8eCQjMkjSuk4XZbzdknUUcq6+IzlOridJHySEexOtBGnaRYB8nhJd6zpcMUz4H2v5OtIn8aEi4evJe3qP3oeXIdQmWN3ksSxsPRQiVXhrsOx8bGJ6PvaCzlkrOLfiSaErEvhhvpVAx3/+oCPd/k4ATn36Bzub5QuaqZwjBfTfRrqUB8ol5DuPm8dxgaCLOXOKZcApr4bSvprSSftee6HXfTlPdOa7mv/dTtcnzvQMTyLSn/ZIyTTBu9dQtKhJuYXEWHUP1uWvuUvG/S8Tru4TvHLG0h6zkDLz9HZX1+TvAV4BI0UPzO0A0Bht8GojlaDoL3g/8qEHZJaQgUbJgwayllTqF3Gq49Qs4ZIeCobAIs6C+2h7/js8dMXNUagBPWxwZwhkQv9+vfOB/jvuonwzp5Aglb4sJDQEshxAH5ZcCf523R5CNlxMojSilAJ5YW4ua1FSGZDGCGaIGOOlgoxEc0Xk5z8ZXJnK8d6VUJF6yacMveTaCDClHGvQTvmJplNjefyXMANkDn4rp4JByEzRsxT8IvzoY9QmUM4qzP+/DCP8uKvIdQLJtemuCFxgntL8tdkI8f9CY37FKltfxba1UeobHScSFgDaLNxkxkiVNYMOLFBXDyU/1JJhKoTEJDX7MhS/X04/DN7HmCecIqhTRDk1cMzfYRarvmxOvnbviFUtJu/L3qDL1ucbPnPTLj3p6MKv3ubpGtI4sgVBZ9WJj0TBUHbZWIMHQlrCbUEHY0yT+4+Qo3PE1scM1ihmTOBOdLUyKXCUZrFyIVeKUvgU2rZr0yaOKYWhEAGCI7jI5O6BaHiz/jg0Lk3dReVbLJDaeTwb8bMwHi3JFQi/d7YLSa0GQTzFAu/b/NjzhE5lMkF4mXM2Pz6BLyim9GQhlq+S7l5k5kiVMaOdZA3cjYACAkSG5K5blOMTSTIIULN9ZXz6ZfdGsZXlFwf/Je1TA4Q2sy4smYy/pSBzzeaLjgMCe9F3PsINb5LHazPLPv6yM9OzuVUlOd3dhNU8SjsXtg58kJmcTF4Q0kP2MnRpLJw0cWFV59sglDRMtEM4gmAXXRscse25okOkZY+vDy3FD7lAuBojT2LYyjJbtis0B4z3usS6qUTCWScIDG00LEFRP8hVAisFaGiAaMNnzwNAqHGZ0qLfWghY5+kvZnw2DT5HURWytKEipkCksquiWx8zHM2iDHZNKH2rfXYvvMlcozaK8lb2NiHZKcJlZ0dW2AUjvQcDaJw7OT3WQhlfdQIqOxi2G2yYPc59cDzmyBUqkZboK4s7KL0f0o4YqEVoQ1jHuEmtpSl8CkJlbpLEw1tgSBwd2OBrGpDZdGgqcUjfO0tMxvmIxsSKjbHGPVDJiVso1OCL/Vtw0PkqnhYz0tLEyohoYSGZhkat7Jpe41QaV/peYDZCS1ySHaaUNn1y9hf4uSxg0Qp/eOmLq54lwukmJiF4xiaRimbIlRC9MrwVGw+H5lYpRx/OQbTdgz2fVFZS+FTEuqYRsFpA01oTHsY6yqaBws6CwmiY27OsXfB8UONCBXtmIxFWTulXnBH45wS7KOYpbLwDuWUOR6WJFTsrtzaR9smOILnlOxFQi3Ngk8uNq2yTztNqBi3cXGKQow8R7co2FYwnCMQCnaVKfsjGiDgZuE42RdvvylCpR1sHmwiWYg55vZ1SLg0YHEcv1uU9ytsi5vAZw6hTi3Wqb8/u7tEvH54CDMCXho1AglyicYNMzfCpcy5lOLyB/NMFkix7+a5r120g7kaL4EY71ge7y1JqJBnvBCjPVye1STu2YuEevnionEqAfxOEyr2MS6XonDDzyVEFiZzvAhggpS3y32Tuzxi4zqBgbqUTRIq5BlvKTHKY+fiZrhPuHQjHRrP4Z/blx5wSXw2SailO86QPbSGYNchVBIms2izcCMeL16m6ofMombddzO9JKESvo0tOwsXR5yOamQvEurc9bnThNrnZ1debFw0uXnkCcFOO0RAcdLgf5cvCPg9t3lxoeRn5w5Yfm/OLX9+h/agcaIxZMHWFS/QYh+4AILUyk0mPrMkPpsiVHApL57wWhhzd6shiPzMHA0VFxls9FnGsO9rA2YR/CmzYNvFJhtlSUItPUpI+nHrSrBMqPs49JQx5js/ZNSOUh71+jwBKufHHz2GYzafLSllk4RK3WUeySHbKISSAxywzZWmkdyPJfHZFKGSrLu0b2PmwFm+hcwhVJzzmStZ5hAS7xBQEqON+DcBEJsiVDxHSGGXhc06XlCN4WlC3eeEWn4JgMHG/SW6d5RRELU+e7ULcdOEStgfdrnoX9d3e/+Ezk2HyCQif6ItuOzXkvhsilD7Mq3j+tPqW0BzCLXMRM9XQYnoqRWej54OfC4nxsdTzpIaaukbOuRp0NcfE+o+J1RcpqLrEBdNRy+cnrMdMU8A3HNwim8lmybUPi2m9C/FSR1fW0hl6rMSS+KzKUIt7cBghNZKwEQLmUOoXBRGG/7ctJLcQscjdt/F45KEWn5NwoT6p6GncU4dGMd+QtxYMDEkE9eXnPUld5rb+dcFBIjMmYrtnrMIt0GoHOcJl42O/jECKqcTw5cWt5syzj/2b0l8NkWobBzl7Tzx3SQ9aSFzCJWw3juESqdulcv2PSvFpeffUx65AKIsSaillomnBGa0GrGGuo81VJIhMPmi4BTNDh8FgiW9VhQSc/ysZoZUPLMNQqVZBCrEOHmOmvkyg40F38oa7WJJfDZFqGwshGIyrlnIIxA30oqhHHxkDqGWTv2QzFVmVF6OK0k1uOjaFKHiRRJd8aZc82K7TKj7mFBJ7kG8dBZieHENKokSWyOLLWaEqXVUrlkH2yJUXHGwd2XBv/ZkCQPCbLn1JjABXMZkSXw2Raj0D/c53OiyEMzwkJoBrHhmDqGW40IIKsk9auVzRVQeLktxnClnSQ31rkUUIYEGOWR7qg8m1H1KqH3ptsbch0icED8FS/QQju4tZFuEStuJkiJLThZuZNlUcHCfc9RcCp9NEip9j0dTsEFLbyFzCBVTFG55ZPtC2Niw60/lE+BZLhwxY+XYc0w1/K6M50cTj99Pw886RmYN9bkmOUq5IXAvgT26TCLUV4cJdR8SKmnXcH7mg31ZSLTBRBiyFaKpcPzNgh2VcvjvurJNQuXygyNZFiY92gsEANHWfpJ3KXw2SaiMJ9pdTIQxFN02d8znECplczPPZWCW2naU40lIMJeGpWDigOiyDZ3/p41jtvJM7lPZptgIcEGL9wxorY+pAM2E+gef8Fo3s0lIl86HSoYojj8xzhhfQ0JQ++Lsc4NJmIG7VFxsJE1Ak5sKQZ3q9DYJlcmPdoLPZZSh5NFDfVkKn00SKn17SZHLkhR1mAGIrV9H5hIqF4Rs+nk99IVDl+1hbrIBErqaBXe3voTX/L3MNTEUyRfrqdFQeb68WCPtHbb2vtSDsfxdJNTrFfmX5wZyjM7LpQiVW1yM8/jnxVt9XKAgNDSTKSH9Hll/ygnA70gkPSTYXknH1hfjzTvbJFTqL1MN8jscs8u0htvAZ9OESkgxNsu4wUAG5Mcl1p8Q3CFh7pZZxvKzcwm1j5QISS0vUWNbst9w/t2Uu1Xp74qpAA23/IQM/UJ7J7iDrPQkP0HG8qGS94KgkBiizaaEqW0oSQrYoVHH9JBT2b7WzYc6lb5vlfU5N/S0nOP4PmNeBN+1pZZQsf+QDbxPKIOwTwaTSxaM8jwbw0DJq8lOgHtKX77IvnJZFGRPx/E/CqGoaHS42AACmgI2L7RgNDecxpnsQ58w2DahMvlx9M8JsQlNZQHN1byXwGfThMq4YjclY1XMFMbvmehoe5xUMPUwzmzU/DDPOOXgZnbGnsmzCqEyX1nwV0vlMWeJmoIo82c+aAMLGHMUZoEsRCsRrDG2AfSlruR98jWgIFB/XkeYgbi0pL7ajP2sO9ZLDCChD1xSoX2zUVE+pjcSuERbfu4Hl1kxe1YJ7UEgVOYGPt9wRhbGgBMwShimE9YjCl2Zd2SScDOhskuRQo8jev6JmuVkQQMPcGRhsmHP4TMSc4XdGRsHEUSZgMbKYALhxoIrTPyIGn3CF5T/MrHjYmAn5+jJouGHRL14HkB87Fz5XbTtjBf9Iuorv0Ndc+y7LNQcnjiV63Wsv63wYRNiMZFr4a9ChWxaaEmQWv6puayZO85cojCBOQZPfe8nl82mRF5UkskgaFyQK+PFMTx+MQGFAPeiOMZ9lzYQGBsx8yd+GoSvP0DwXDiRESwLJIWLFLl6mXtTklMzjj2H5srncshxgeIQL69oP/ke6HPfYofsudzEp3dKyIiFGQJ3tSz0kzpZQ3xZgzWX+YD1g9YeTxO0kyTbtAsNOeckZsPDM+eKxfedmE/kHsBNkNDqfIpkzCF5NkmyTcVQWsolXB1NGw5hoyEwJK9nlLf4PJsT7cpjzfvlnO0LgY94UQd3PENfYBjENhMEMe9kyVlV+E4MJIR9FI0L2xJuUkRxjH2dsrY+dlUWGxoUwMevYTIBuSFGm+F7U6XqPvYRur768enj4qjcjcfayqYRv2sz1S8mPANO9ns0szlk3Ff2pvCJH+2b6uMqfycijsXBpsdCZpwhNuYWGEHqLCoyizHZo1bPgiOlX41gTsAvekiol40FrY/5lr8aCgFAxBACWakgtvhpk5q6IbDbpA0MLQlSJvMW64XjP4SW+4U7Xd8XG9BEyenQJ2yyXLCxOWI2YG5AjGwImNyI0mOdQMysKbTyUnDdo8/l52nG+pff4Zmhj/TF9+MYlF8iHaon+yrHREVTmA/NWS4PCTHmKwsQOloqyhS4kKVu6AOdo/UNHfmnGum/GwEjYASMQIGACdVTwggYASPQCAETaiMgXYwRMAJGwITqOWAEjIARaISACbURkC7GCBgBI2BC9RwwAkbACDRCwITaCEgXYwSMgBEwoXoOGAEjYAQaIWBCbQSkizECRsAImFA9B4yAETACjRAwoTYC0sUYASNgBEyongNGwAgYgUYImFAbAelijIARMAImVM8BI2AEjEAjBEyojYB0MUbACBgBE6rngBEwAkagEQIm1EZAuhgjYASMgAnVc8AIGAEj0AgBE2ojIF2METACRsCE6jlgBIyAEWiEgAm1EZAuxggYASNgQvUcMALrIcBXWvlyZp/wNeCHrle8395PCJhQlx8tPod8a0mXSp+MpkY+ufvR7tPId5DEd8Qt+xeBe3WfT7+lpJP0dIFPqB95/3bNLZ+LgAl1LmLznuf764+RdDhJaCu/knSkUMQF0/fY55Xqp/ciAkeRdAZJbwpjbELdiyO1YJtMqMuBez1Jz0nFP03SnST9XNKZ06I7liQT6nL4b6vkH0o6aqrchLqtUdhSvSbUZYA/pqQvSDqapO9LOoGkX4aqniQJ7dWEugz+2yzVhLpN9Ldctwl1mQF4gKT7p6JfIenKRTXnkfRuE+oy4G+5VBPqlgdgm9WbUJdB/9OSTpeKxoZ6155qrtUR6ps7TfW7yzTBpW4JARPqloDfC9WaUNuPwnG7W99vhWLvKekR7atxiXsUARPqHh2YTTTLhNoe5UtIemMo9o6SHt++Gpe4RxEwoe7RgdlEs0yo7VG+UeeT+MxQ7O0kcQll2Q0EfpAuI+mtb/l3Y8z/v5cm1PYDDoE+wYTaHth9UuL3JOHlYULdJwPWspkm1JZo/qGse0h6uAm1PbD7pMRvSDq+CXWfjFbjZppQGwMq6T6SHtyIUA8t6RySTp20niMmv9ZvS3qPpG+2b75OJukikg4j6RkLlB+LJLjhAtLv6ySa7Gtd3W+T9PUV610ar8NKOq+kk3dmHNoORj+RhN0Uv+PPSHqvpNOsSKjH6+zv55fEf/Fh/rEkCBoXO/47R44g6ZwpeuvonRvf71I7KeeLkj5f+EbPKdvPDiBgQl1/ahByeEVJF0o/2V1qquTLSnrdwEOnkHRfSVfrQlcpf0g+mUJbicj6zcBDEO+5e/72UklXT79nHvD/5BZgQSPkGjjLVCd6/v68brFep+f3r5R0pbQx8PfrSzqbpHIO0g8iy7jMI1S3Rlri1VcfBIlvMe1nUxsTiCv3qdaGemlJD5J0rpGCGccHjsyZ/Crtwwf6FiFiq6/YX3fz9S0dWVO3pRECJtT1gSxv9WtLHCJUEm08URLaFoKfKmSERkE+AJJwXC5oQTzzgUTqfRrrKRNJQqokacmCJnjR7t0rpIxIZyoaviqh0r6Lp6AFLuiyoL29rNOwb1+ZMOS5iXSn8GyNV1kfm8yjw3j8NmnRH0xJbtAEITGi4dBcCdo4ZCpkilAPJekpnUZ+s1Ap2iheIiTQOVHa6Cg3C9mr7j0AyrETSZ4x/R3N+UVJI4VAT5hOH2dPf0dTPdUUwP57PQIm1Hqsap/E7/Rh4eE5t/x3Thpnfh1vAQiIhVkKGgjeA5l4v5LMA1yKDAnaUxYI+l2SbhB+96NEBmjFqxJqrDvWx/9T58c6zfvjyVxBWC4aKQQAMbLgo7AJvG+kP0vjVY4lARvXTO0fatYct6l/kHSTVBDaOGPxgqJgTCFo/fk0wZ95J3qS5FdeLeny6R8fShnOIOZSCCqhHhNq7aqufM6EWgnUjMdWJdSzJvsbdjnk9d2/0WIjKZXNgFSfGn7ZF+Y6RHD8/lOdje0lSeOCQHH54cj/zgUIFbsoGteQYJP8cPHM4zo7IqTZJ0vjxfGbDQctEiFYA81uypZZS6icDF4VOna3pAn39fXPOrL9Uuc9coz0RzbNE0v6RXiYEwabVRbGkfYPCc+iWVtDHQFp7p9MqHMRm35+VUJ9bXfRdJlQPIsXLWNMGD+IMB7Xz5cuMfrei+QMMZQaYX4HMifiaxUbaqw31jdFqLx382Q/zWVks0RfX5bG6x3JbJHrpm01l3S1hIrmzaURwkbGRRQmnSGh7puGP163u6x8fvh3dNcDd0wRMSFPWe6tkqkBO7alEQIm1EZAhmJWIVRsZBy/8nigjXDRUiPkCXhUeJDjIakD+6SW4CBobMNoiOtIbX25DpJxozVn4dIt2wNjO5bGq2wHt+3YJ8cIL7evhlDJm/qJ0KEXJ1PCGNYc8zERZHl6unjK/+ZSi4vMLJwGVvWWWGfMd/pdE2r74V+FUEnlF6OpuLWPts2xVvL5DbTULBwHWfx9Mpfg1kVnbn0k3/5pqHTIxrc0XmThj58u4TINj4saqSHU26aLx1ze/QpXu756uOgjeXUWLq84jWQh3+5jw7/5/7vUNNjPtEPAhNoOy1zSKoQKgUatsmaB5fq4tPhZuFnm99zs931aZS7BrYvO3PoOn5Jw53qHCHVpvCDQq4TO41v8kEowagj1WZJuGMqDYJ88UT4XdLhOZcFrAk06S7Z9x2LwIGBz4LLRsgEETKjtQV6FUHEGjz6IN5bEoqsVjna47WTBrQobYylzCa62/qHn5tZXS6hL44U3Qrys4WafY3mN1BDq25PPci4PkwJfcxgTvDlySCvPEQTBxVQW1jJ2WQJBouAhwo0+9lbswrh9WRZCwITaHthVCPVzKRoqt2bOAuadzxZ+qdfu8rG+8AAT6tJ44WqUb9SBEXsyuWtrpIZQP5I+hVNT3tAzfZd8RNThrD/kTcFFJOTKBRdzxtIYARNqY0A7V5ZVCBWHfG55sxCRgzN/reBuFG/k8ekk2qiUuRpjbf1Dz82tr1ZDXRovfEKzfy99G/OcKPteQ6iEqWKWyTK0Aa6CPycV7KfXKMxAsSzGhQ0XH+cxv+VV6t/pd0yo7Yd/FUL9cnfEP2loChcg2PFqhdvw04eHsc89+wAT6tJ4EVWU/U+XINRyvLiAzB90rB3zqefIj0B4L8Ta5ynB+9io2Sy+M1WY/16HgAm1Dqc5T61CqOURkAsq3J9qBTcrFlAWvmGFk38pczXG2vqHnptbX62GujReUcukb5cqkoaP4VKjoXJDT4hqFsJbY8rHdXEv3ycXAfkTOLkcp/gjwQXkorA0QMCE2gDEoohVCLV0Up+b5R9XI1yOsrBYubg5qIS6NF54SMT4+SGNv2/21BAqJEakVBb8iO/efir+SYlsWHgTcOkZhQs4tFXLmgiYUNcEsOf1VQiVdH+45mThkymQao1gM4sO3BxXCVXsuzWeqzHW1D/2zNz6ajXUpfGKMfH0bw7h1RAquR6YJ1mITItRcuviPvU+9aF1Z8E0QDIay5oImFDXBLARobKYopsTbjXkJK2Rq3ahp6Tiy0LmqRzSWL4/l+Bq6t8GoS6NV0nYcxLF1BAqds3ohsXmx1E8BjXMxZ4AD3Ko4ho1JRzxo0loaZPDVHsOzN9NqO2HchUNlQsQskXl2HpCHPE5rFlgc5zEDwqhLo0XvpzvL6YGvyNl35TUEConCJKtEG+fhXyr5DtdVTjhkJ4R39Sh3Li57DNLwg6dxRrqqqgX75lQGwEZilmFUHkdG1r83DQx+o+ZaB65R3FCJ5M8Qjo8LqfIIt8nB4VQN4FXefHFRRL5Y8cSjtCuGkLluTLaCwd8TiWcMFaR/KWIv+yc+zFZjAlueS8PD0CwMVPVKvX7nZ5s6QZlfQRWJVT8Hlm0OdIFUuTzIEMTndRrOJvH2+Ipd6uDRKhL43VhSW8t1sgbUi5SopT6hKQyhIfmrP5jCaY5jeA+ddRQEGPOTTzmAGzhQ0LQARmq4nhmQqXNRMrF1H6xHJJfY0MlWAEhNy3mAksDBKyhNgCxKGJVQqUYjmtM9hyjzQLjKIgLVfYV5JjIDTGx5UTGICws6n3kRHcOEqFuAq/y+2DUiTmGJCVki4IwyeNKqkO+NRVDQXmWv5OseyinLeMIecajP+8R0YQt9KspDh8PDgI/OJGcNkVC8U4kzdhW4vw57bwmffGBMiFSgj+YT2ixCO+TdGUsb2r7FXKASzShthlcJjsazQVTxvToE4oTOponaenyD6GTQzHVfFCNSBd8UaNzORoJETws4PyJDVpPCCHmgaFjHl/gJE8AF1Xx0xkkVMH3kff5IRs9x9V1Be0JckFzjp4L1MenRMjxyg9kkYVUheR/pZ30JQsx7tywo/URp86/S2mNV1k+eVAhJy58pgQCoy8xaQkfVISAuUVnsyyFcSFJeG1eUsoDE+ZIJOrSZJTrYd5A7IxL/B4W85JP1JBz1tIIARNqGyBZMOz0tcLRMObD7HsPZ2xugy+WEnVwScUxFzspFxpoFXx7CCIdu4QY+khfWWf8aF9tP/qeG/pIX3yWC7i46aApkTVrTCC16GpUPtsKr742QEZc3OBdQEQamxqbHWTFRsQXDvh2E2NKntL4jahc3hS+l0xfaMDMgzkg5xKgDkJVuSSDkDHzDI03tlA+FsnmhCZL9B0bDvMJ5xBrAAABa0lEQVSGC040X2zD+MFiQx0yC6wz/jv9rgl1p4ffnTcCRqAlAibUlmi6LCNgBHYaARPqTg+/O28EjEBLBEyoLdF0WUbACOw0AibUnR5+d94IGIGWCJhQW6LpsoyAEdhpBEyoOz387rwRMAItETChtkTTZRkBI7DTCJhQd3r43XkjYARaImBCbYmmyzICRmCnETCh7vTwu/NGwAi0RMCE2hJNl2UEjMBOI2BC3enhd+eNgBFoiYAJtSWaLssIGIGdRsCEutPD784bASPQEgETaks0XZYRMAI7jYAJdaeH3503AkagJQIm1JZouiwjYAR2GgET6k4PvztvBIxASwRMqC3RdFlGwAjsNAIm1J0efnfeCBiBlgiYUFui6bKMgBHYaQRMqDs9/O68ETACLREwobZE02UZASOw0wiYUHd6+N15I2AEWiJgQm2JpssyAkZgpxEwoe708LvzRsAItETAhNoSTZdlBIzATiPwf7DBgfmLciNOAAAAAElFTkSuQmCC"/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-56"><g><path d="M 465 330 L 593 279" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" stroke-dasharray="1 4" pointer-events="stroke"/></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-57"><g><g transform="translate(-0.5 -0.5)rotate(-22.1 527.0604793543023 295.9421568177087)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe center; width: 1px; height: 1px; padding-top: 296px; margin-left: 527px;"><div data-drawio-colors="color: rgb(0, 0, 0); background-color: rgb(255, 255, 255); " style="box-sizing: border-box; font-size: 0px; text-align: center;"><div style="display: inline-block; font-size: 11px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; background-color: rgb(255, 255, 255); white-space: nowrap;">User talks to cluster EP</div></div></div></foreignObject><image x="475.5" y="290" width="103" height="15.75" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZwAAAA/CAYAAADUvn7NAAAAAXNSR0IArs4c6QAAGyZJREFUeF7tnQWQ5biuht3LzMy8O8vMzMzMzMzMzMzMs8zMzMzMNMtMs/Pqc12dp3Y7iXPS53RmWqqaunf7OInz29YvyZLTMWDAgAHOxBAwBAwBQ8AQaDECHUY4LUbYbm8IGAKGgCHgETDCsYlgCBgChoAh0BYEjHDaArM9xBAwBAwBQ8AIx+aAIWAIGAKGQFsQMMJpC8z2EEPAEDAEDAEjHJsDhoAhYAgYAm1BwAinLTDbQwwBQ8AQMASMcGwOGAKGgCFgCLQFASOctsBcv4dccsklbuONN452bL311nOXX355p9/eeust16dPn2j78847z22++eb1e0nrURSBjz/+2E0yySTR38Yff3z32WefGXKGQEsQMMJpCaz1vykHTHz66afunXfecW+//bbbfffd3Z9//uk7HiMc2tP25Zdfdg899JA766yzGi9phFP/8Q57+O233/pxZ0yPO+449+abb/omRjgD31gOTD3u6Nev34Axxxwzuc8nnXSS23nnnXPbDzPMMO6vv/7KbTP55JO79957L/m51rC1CIwyyijup59+yiQc/fTXXnvNzTDDDEY4rR2Stt195ZVXdjfffLMRTtsQb+5BQwwxhOvfv39zF2dctdFGG7mLL76406+PPfaYW2CBBZKe09HR4YYffng30kgjuQkmmMDNMsss/tpVVlnFDTfccF3u0dG/f/8Bzz77bMPSfeCBB9yTTz7ZaAgZrbXWWm7qqaf2/2affXY36qij5nbmpZde8tbTu+++61BOffv29e2Z2LPNNpu/z3TTTeemnXbapJeyRq1HwAin9RjX9QlGOHUdmc79euKJJxyhbXQrOvrRRx9tNEDxxxQ8BPXff/+5f/75x8WOzYwRzu+//+4ef/zxhgd81113eV0uAvENPfTQ/j9pG7vviCOO6HbbbTe3zz77uKGGGur/+xmepQbbbbLJJo0GCy20kA+hNCtfffWVG3fccf3luO3TTDNNs7ey61qIgBFOC8Gt+a2NcGo+QJHuQQLLLLNM45eUiBFRp59//tn98MMP7txzz3UnnHCCixFO+Li9997bHXPMMY0/b7bZZu7888/3/w3Z/Pjjj96xoE+E1/v169doi4Ny3333uZFHHtn/rcsejhFOz00+9kXGHntst+qqq7a9E72ZcO68805vDO26665tx70ODxzUCKc3jGczhKPn2u233+6WX375yoQTzt/vvvvO669HHnmk8dNiiy3mSccIpw6r/X99+PDDDx1WyrrrrtslQ6wd3eythIOFNsUUU/g9x96anTUoEU5vGc+qhEOyCFsbVT2cmG6CdKaaair3/fffN36+4YYb/L6OeTjt0OYJzyDWefTRR0czxBIur9yktxLO3Xff7ZZeeulenZ01KBFObxnPqoTDns6www7r1l9//S5JA2VCalmKZ4899nDHH3984+dll13W4VUZ4VRW1dVvwOBPOOGE7uuvvzbCqQ5nqTtgdd10001GOINIllpvGc+qhMMiIaJCRlmYpdYdhENYE5IRIaGBLFgjnFLqqTWNr7nmGp8JiMRqYFrz1M537Y0ezhdffOEmnnhi9++//xrhDAKE05vGszsI59dff3WDDTZYNLtNa4e8pIEs3fT+++/7ULWWzz//vJ6EQ8dIy6Mw8Y8//vCAjDPOOG7SSSf1ccfRRhstWQdzD+6F9/Dbb7/5lG6AmGeeedwII4yQfJ+shl9++aV7+OGHfdrhBhtsUPp+pCyyqSaZgGUIh2upZSJVkrgp2SfgRU78lFNO6d9RskOKOlYnwiGThjEjFZP/TwrmGGOM4SaaaCI//uT7d4cceOCB7rDDDvO3arbgkar9p59+2mfmYMGRDjrWWGO5Oeec08/Xdsgvv/zSWC/MA5QIc4B/gllerV2dQmqso2eeeca9+uqrfg+Ad2HNMj7Madbu4IMPHoW16nj+/fffPt2Y/Q0KY5l3jOUcc8zh511VYb0yrykbWW655dxkk03W9C27g3BSH94M4bAewE7LK6+8Ui/CgRV32mknd8cdd0Rzu6XzCy+8sHvwwQdz8SIrYt9993XUGMWEybThhhu6I4880iszLRz5wtEvodxyyy1uhRVW8H/m/ieffLJPBSTXfb755nMUTKUKypQUwiuvvNJBsHly7733usUXX7xTEyYsGEAwWUIB7hZbbOH3hmI5+vq6VhDOqaee6sczJoQ+2EjUguLcb7/93AUXXODz+7MEBfTBBx84+lxWIOULL7zQJ2aw8POEvhx++OFdmjDel156qTv22GM92WcJCnKvvfbyG7PULnS3UJcBYTI/igoCwYz2sbKEIsJ54403fN1cKKwhOZ1C/4bRxLwOBeOHFNqYsNl/xhlnuCOOOMJRSpE3p2+88Ua/74Z0x3jSJ/QAWaJY/THh/Q855BC32mqrdfr5o48+ihoWs846q3v++ecbfTzllFP8vJbElNiaLjM/6k44vCfbBFowjmsTUuPIlEUWWcRPIKwayGDRRRf1ng0TgsGDBJiMDD5531nCxDj44IP9z2yMcc4XJEVFLAritNNOc5AbggWI4tbWBp4Qz6Owav/99288hgmDtbP99tt3SvujQVnCIa/9sssu8/emT6IwWJShBU/O+9xzz93pdTkLC+uaOOzaa6/tC3KxAlEAvA8LSE57IP3x1ltvzZ3PrSAcLLrnnnvOE//999/vPVOUNH1lDLUSxjtgjIQEqP9CcTE+vAdpyygxrCQECyo0FFIWLIXNO+64o2+K94sHhdCX0Irdaqut3A477NDptvSTtE/ug/BOEMq8887rPQo8aZTJ1Vdf7b1ehHl8/fXXN0WQsXcCV4hMb8qigCEOQoTMX8JLYA+pixJ98cUX3cwzz9zllkWEwwV4TqwJCE4MqyzCgTzIumSNYuxIIXke4Wy66abuoosu8n1jLW633XY+0wlvBqV+2223eUMUufbaa93qq6/u/3/V8UQJgp3oA+YmBieeFAYQG90YF2COxIwQjB+8XEiF/0VQtvydY4NY63KKh4DfE4TD2PNe1113XcpSabRpxsNBn4dzrTZ7OEzQGWecsUEiDHAsPAUZEaZAIWcRztlnn+222WYbD9boo4/uQ1XTTz99J4CZSBAEbjvC6Qe48RCdFohOn6qA0mfRokgYOCxYFjMhtbKEo5+D4mRBI6khNQgH3FiMVBmHgrUIMYqwMCH0LGkF4fCse+65x3uFkD2kw9EXMUHBnHnmmf4nlA/kHooOPzZLOPqeKC2IAEkJqfF8SFEqvDneB8VB7VQozJMll1zSh2YQ5gfzJCscVEYDbL311u6cc87xl1DFDbnhMcYET5GFj0ddhXDk3vrZWYSj+4GxJ2OZRTgQyJprrukvwxAhKoGhGIqEzDThVBlPiHmmmWZqkA16g3UTrqfwoFuSTFZaaaUu/ePIL0gHIboA7k899ZQ3NHiv8cYbz68BQoXtJhzmAQYRxkU7CAfjgXUsgq4kVFkLD4dBYb8BYVDyQkwoUUgkRjjffPONt46YSAihE31qgp4hWEwSHuPvsUkUEg7KErZfYoklGkTEs/AyIKAyITXdl2YJB/eeauGYYLnr/Zs999yzU7VweE0rCIcQDlgNOeSQPgSJ9RgTYudggCGAMDGZoDFhsayxxhpNezhVFBTnCEpxKMTx+uuv58b2scgJfYpg6TIOVQSCFOue++Cta8Midm+8tNNPP722hIOHQTozQgU8YeCYsF+Kx3vVVVd1wkDaljUgGAs8EIT1y3jqY1h0H5i7EiJDD7zwwgtduqgJhx/xhugTpCYkhldKynC7CYdCTKIG6Ix2EI72msGCOUiIvRaEQ8hIJpmOfcYmHa461jrHK4RCuIZQA0JCAFYwlkZMCNOgkCXsRD66hLikfUg4Bx10UCNUp++JVYPV1U7CIa7OkUF559rxm8TMizyn7iYcXGq8AbwCvJy55porU88S1tAEA1my+R4TvEsUPxM4ZgWXUeZlFBQhT7xKicFDJBgtRYL3LMqJ8SIMCgE3K3hVYmwRPgO7ov0h9h6xyOvq4RCxECNT75PGMGKNkpAR28QvM56EnvFqpTiRUKEOn4fP1mF6fgN3DE0tIeHEzhhjzxVyw2sK92XLzIlwDyfrLDW5J5mY6Lp2EA7RIhwICUMy3zn/jehU7QgHgiD2KeevlRkEJqIkCaSEuDg8VI5lJ14MKFpSCYeJhSLMso6K3qEZD6fonvzO/hd7CkjRROtOwsFDIb+fxYXlKt5rVp9DwpGq5JR3rNKmjIKCNJdaaqnG4zAyZC8orw+HHnqow1ARoT5BNrzL9p0Mp/nnn79xGd5Wloer743nCEHTFzyEUFL2cOSaVoTUNOGAqYSlyuJTZjxD77PI49ClC/SL/cR11lmnNOFwAboCDzkM4Zd535BwUq8t0gOx+5TZw8ELZD7pUzuYdwcccIC/dS0IR9w9eVn2SvAYyqS/MohYxeKxEHZhkuQJi5dFjMTiy6mEkzrYWe0GJcJhIx5c2ZNiUWgFmfX+WJtsvkvGHXsihI4wGlopZRQUSShYuSLE4kkGKJIwdJvlJRfdh9+POuoon4AhAkbdce5eTxMOOErWKYqYfRQSNspKmfEMDQHCaXmn1xMSJjwsEvtMS4qHU/adstqXzVKTExi6m3DYG2KfEqIhVIfelmQZ+h4aELUgHFwvPAzJFKGjhMRIHGAPhsywIsE70SmfeEhFnz8g1EEigmfejo6GCyjPqjvhMLBkIrFYiG8z+LjO4sqT5inpxUUTrTs8HEKYeDaMRcoZTXpMGWdd8Yz1R3bdlltu6Rd6s95j3rwpo6BQ7KTjisRCKrFn4UHreRhLBy+a2/K77i9/I7QWS1dOvZ+062nCiX19llAkm/jM29T09zLjiXdCsoUIxk1W+J02kikr7TE+SGLQUmfCwRDEuy3SA7G5E3o4KfMLfc4WR5hcUQvC4QVInSSrJ5YHT+yc1F+UEi8SE9IRw9ThFGB0mzDmWlfCYZMdC4tNaCHMonctmmhVCQePkiw49gkQCINsLtKFUwSPiEUfhjW5lr6h8CGxBRdcMOV2SW3KKCg2XPUJuIQqw8K22EMxBEiEEanyuQ/2xMh0EyH1uZnQc9jPniYc1h1ZarHNbOL/hDLZY4Ws8wyPMuPJ0f54Cc1KzFOtM+HwnkRxMN6qJg3o7+FgqLOXyr1JBWdbg2fgtcayZ9tKONSb5FXskqZMrFkvKj0heAEUGxk3YeV06PJiGUvqaLOTqo6Eg1fDApQQBBufbHYywIQgdYFnu/ZwdNIEYyTEjcdJXY18rKloHCAdPnVNUSaeWkzIFiKTKSu9uugZ+vcyCorn6UJRagpIMy0S2mkLnVRZIeWia8Pfm+1D0XN6mnDoH0kZ1OyQxZVVHAq5YmjJMVDhe5UZTx1O5z7dQd51JxyMNXRErCg3b46U2cMpmmtdCAc3U2+GscCzqvWLbs7v5P+LV5I6qBT3AQqbx/pLc/I8skNIudUWJta0tn4p3pJCspR+xtrUkXCofJcNOGpbCKeRrRSTdhEO1g2KlT0GNguJwYswWfl7GcErYPzZoyBlPvQ8IVWs09TP4GY9u4yCwnuWoj7uBzmmHLEUHvHBffQXdcvgQvIFeIhQBB2rASpzT9rWgXCkz4SAGXescBI1YicZkMqMYVKFcDhOSop3uQ/1bFnrKBXPuhNO6nuE7VpKOGRrENoSIZWNrLFmRWfWsKFfNhYP+VAQSHxfEgLoCyEWKdrjv8PKVmKH1NZUkToSjpwwwHtxGkPsCB5553YRDs+TjCkyothXIGaM4H6jJInJNyMYKdRT4dVKxh33wbPDGKmSGl2GcHStCM/n/VKSWkiDZsxEuA+Zas1IGAYqihikPqNOhKP7THidNU4mnhRp8zvhWvZfqW/RUmY85VRpuT4rZTwVQ9oZ4RSj1cXDkQ/zyKWESMhCSLHmYo/DGqHAisUpSqi4W11bkAXBcdcUd8qkQwHJ8Sb8XVt7VUIX8vS6EQ7joEOJnOWWdVYZ79AuwmF/DY9EYrZhyimnSJDcUKX+BE8BI0J7B1XTp8soKDawOcVCBK8/q5BVz94wlZnsK32fMmtBn8bAdSQxQBZVpa6EI+9FeJVQu8Ytlj5dZjy33XZbf3aaSNbpAWWwHRgJhxA9x2BhzLD/EpOWejg8kM0fnUdNsRWbds0IGWYoGzLOOLKminA9G8ciFFrq1Fk2ZwnHIHhSFHURdmpW6kY4ZCVR+CdCyJDQYZa0i3A4hJQjTLTw5VIqwkViWT1lx4WiXwpE5dw5wotUczcrZRQUXpYuNib0nLWXoPsTXscxL/rIjzJ9D+c/YSWplC9zn7Bt3QmH/kI6eM4YxAhFk0RjtJQZT/YBdeo16eYcHFpFBkbCkVNe8uZlywlnl1128SchizRroWL1UuGO5FkQ1MtQ11C0yU/MWmflkFyg921IKNAZGFUWN32uG+GEp/ZmxbJl3HqScPBI+vTp0zgjDgMALzU8146+QiTsG5IFVhRyJRFBMtmqklgZBUUlPDF+ITs5qqNIQWniJRTEu8aKL4vuw+/Mf66VOgfWAnsPRZgV3bsM4cgxOXJPQqh5n/lIOUuN7DsST8IQWdhvXXRKRqTeg6FtmfEM1xJHYhGirOKFD4yEI0ftZJ1PB64tJxxCVQyAPiI+62C7rMkMgXBWGcV8hLeIucbS5LgeV5mJ/Mknn+SmeYYppixeHR/nROQVV1yx0SXi/EyslGyi2Hu0i3BIfkBBI3knO5MCrUObRV5jTxIO74JnzD6TCN4uIbHwAEsWOuSE4YHRkCdkOYqVW+ThFSlaUnFZaAhKU85yy7pOx/2JAlA3lqegCIGyByqp/szNm//3obOivmX9Hh79X3RGXspzyhCO/uYM9+ZcQ1K9sySFcJinpO3rZJPY/fBI8EyQWJ1X2fHUxw5xT/aK5Ky8FNzCNgMj4cjYUxiq9+71u7WccHjYFVdc0SWMRpyPYp6YlSodhARIXWTyUNBJ9T8ZZHnWi5zwXBQi0WeuoaAgEy1Yn5zZJYfs8RuTimpvJnVZaRfh8C7yXRX2aEjSyLIaCSlRdIhg2ZKqy/VayOwh5EOcWqr3W12HE4bUpD/hRjfzh8MLtQjhxMIkuh1JAhAOWWskI7Ahr2tcyo5vuC9DFlpWHJt7Q3SkJoshRvYdizFLMAhI8UZIbmBehmNVts8YZRhwuv4KJUnlfLPh4zKEw76Z/iYMRgRJEJzMHgqeGKF4OfEj67Ro1iZzFi8y6x24F9mueHRI3759GydMy3PLjifkr/fAqpxyQB8GRsJB32AYYQhm1TG2hXAAkOwwwmsUGorgpRBiI0UTl54JwmGLeB9spJJVJoe2MQmZGKQg5okQDgNOXJqB0wSBgiEkx34Fz6IPHPKHNxAKJES6rBzKx+/UgWD90GeSF3gOC5YJjvImA4ZwHu+lpV2Ew8GlkKkI+1KcAAzpMBlYZPJ9n/B4E7w3KYjl5Gr2eSBYFigLXPbieopwIAUMFLHyqeYmo1AX8Arh8P4oAJSn3qvi7xAryos0cATSgryqSGhUMTeoaSJsxdjjwfBM7UWzL4XXxp4CITL2kJiz2ouGFOifKFrIkWxCwmvdIaQLM566SBrPF+wwuEieYc6zVkhXZ55DdrxXzIsoQzgYMOCk1xfrnDXO3+kT2GF4ogt0Zmke4RBVYcwJE1M4qM8Z4zcSJiQrlXekLCI8i6yZ8QxJivHBKGCs8E5JSuKdCWcyl5mr4BtL/BgYCId5yxgxfuytyz5k3tE+bSMcwEc5sKAIkcVOP40tIBYY8dQTTzwxqRIaZU98VpMasXoIDYAYZMlOw2MiRVaHasI+YAkTekitHyLUweauWGl4ShAXSQl4CSKktFJQirLkxNfUgsYiJYPlzCnZ8lmFsD3KRL6XwwImfp1XywFxYllzHLgQGYud92QxMzYofhQj2HL8CpNKlAMLnywgxoDFJ7hgeDAf+CiVPlcMpUx73iEMl0GAZNLpeDteBNejODjROjyWiPcnZMWCF09Gjj1CyRB+ZW5VOfyQZ/C+eMBCYiHuGDaky4beOZvVhHdQqmLQQKryATbwlLWCR4pySjl3rWie6N8xkjBUdG1Q3vWMIZ8ykBo7Qrgy9mAp+2KsL05OZtz5B4mEoXC8HBRVVnEu/WB9YDThrTMPEcaLU7aZv4QnhchZ5/ornxTK8myMWfrJ+MizwBEij3lUzY4nWVokDOR9ZVawhWzY99BJVHKWGIWr8ql42pNMg67gXzMRlnA8IVnmFuPG+pdzIGmXd1o0cxEnACM068uwYZo/xgJrF+wx9nU0iXXJOPK/jCH/0Bkp+19d0qKzJi1KnAejxOkIChDriZdBmWEJ4OrjlqHQyoQ6mExsGBN6Y4HzLOoviKkTNkIpkaGCsoRoUovdsARxmxkY7oflxf1wI1HKVBuzZ6AtWN5ff30wCw9CJCkTNFWJYIFiLTOpCC/QR5SYvLMucuW5KAm8RxQxkw1MwB7Llxol/qa/3xIqK56Xl+Gm20uBITHeMDNItwu9DoyUvCPY9fl1EBmkhNWF8sOalK8kMr9Q3Hh+xO7zQrqpeEs7rGfIlrAQc5pnoSDki6NZz2Lxovi4juPYUYxYjihLxgIyxUBhLLrjo2tZ74WCY++SOY4BgeeOcuE9UAjMc/pBaFNOoQhrg/Iwy8rGg+g4WonnYi1jFEESJPGwdyvnH5IMgOUfij4aBi+cPQRwRMHh0TMWYIyXT7IGKeiQXNY+Q9XxZPzwQuVbWzyfdch4oh8wksCQUz60YgXzlILR7vgWEsZX0afEy85/aR+enAHuWQZw7BmpdUzJhNPsi9h1hoAhYAgYAoaA98QGpMbJDC9DwBAwBAwBQ6ACAkY4FcCzSw0BQ8AQMATSETDCScfKWhoChoAhYAhUQMAIpwJ4dqkhYAgYAoZAOgJGOOlYWUtDwBAwBAyBCggY4VQAzy41BAwBQ8AQSEfACCcdK2tpCBgChoAhUAEBI5wK4NmlhoAhYAgYAukIGOGkY2UtDQFDwBAwBCogYIRTATy71BAwBAwBQyAdASOcdKyspSFgCBgChkAFBDoqXGuXGgKGgCFgCBgCyQgY4SRDZQ0NAUPAEDAEqiBghFMFPbvWEDAEDAFDIBkBI5xkqKyhIWAIGAKGQBUEjHCqoGfXGgKGgCFgCCQjYISTDJU1NAQMAUPAEKiCgBFOFfTsWkPAEDAEDIFkBIxwkqGyhoaAIWAIGAJVEDDCqYKeXWsIGAKGgCGQjIARTjJU1tAQMAQMAUOgCgJGOFXQs2sNAUPAEDAEkhH4P7j8fChUQlO3AAAAAElFTkSuQmCC"/></switch></g></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-59"><g><path d="M 370 328.22 L 432.76 329.94" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 426.82 332.11 L 433.88 329.97 L 426.95 327.45" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-61"><g><path d="M 200 365 L 107.06 404.13" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 111.58 399.7 L 106.03 404.57 L 113.39 404" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-62"><g><path d="M 242.5 365 L 176.92 403.86" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 180.79 398.85 L 175.96 404.43 L 183.17 402.87" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-63"><g><path d="M 285 365 L 246.58 403.42" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 249.09 397.61 L 245.79 404.21 L 252.39 400.91" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-64"><g><path d="M 285 365 L 333.25 403.6" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 327.2 401.75 L 334.13 404.3 L 330.12 398.11" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-65"><g><path d="M 327.5 365 L 403.01 403.97" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 396.72 403.35 L 404.01 404.49 L 398.86 399.2" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-66"><g><path d="M 370 365 L 472.91 404.2" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 466.58 404.29 L 473.96 404.6 L 468.24 399.93" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-67"><g><rect x="105" y="5" width="100" height="60" fill="none" stroke="none" pointer-events="all"/></g><g><g transform="translate(-0.5 -0.5)"><switch><foreignObject pointer-events="none" width="100%" height="100%" requiredFeatures="http://www.w3.org/TR/SVG11/feature#Extensibility" style="overflow: visible; text-align: left;"><div xmlns="http://www.w3.org/1999/xhtml" style="display: flex; align-items: unsafe center; justify-content: unsafe flex-start; width: 1px; height: 1px; padding-top: 35px; margin-left: 107px;"><div data-drawio-colors="color: rgb(0, 0, 0); " style="box-sizing: border-box; font-size: 0px; text-align: left;"><div style="display: inline-block; font-size: 12px; font-family: Verdana; color: rgb(0, 0, 0); line-height: 1.2; pointer-events: all; white-space: nowrap;">Generate Secrets<div>- Join Token</div><div>- CA</div></div></div></div></foreignObject><image x="107" y="14" width="81" height="46" xlink:href="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAUQAAAC4CAYAAACbzZUQAAAAAXNSR0IArs4c6QAAIABJREFUeF7tnQX07ka1xTdW3N2Lu7s83N3d3Z2HP9zdobi7u0PR4g6F4u7uUF5+t3NY0yH+Jf/ku3efte6i/L/JZLJnsufMsRxCFiNgBIyAEdiFwCGMgxEwAkbACByEgAnRK8EIGAEjkBAwIXopGAEjYARMiF4DRsAIGIGDI2AN0SvCCBgBI2AN0WvACBgBI2AN0WvACBgBI1CLgI/MXhhGwAgYAR+ZvQaMgBEwAj4yew0YASNgBHxk9howAkbACLQhMNSGeExJl5B0XklnknRiSceRdARJh5L0N0l/lfRbST+V9BNJB0j6qqQvS/qipH96SozAyhBgXV9D0vklnVXS8SQdRdKhs/XMWv6epP0lfUnSpyV9a2XP4eFsiEBfQrykpDtJumwivvK2/5D0e0lHlrRXy5j+XPWxn6Q7JJLccPi+3AhshMCxJD1S0o0lHWZET5Do60Zc50tWikAXIZ5c0nMlXTQb/78lvafSEt8p6b2Svi/pd9nvaIunkXROSReRdGVJRyyeH2LleosRWAqBs6c1eOw0AE42L640xDcmDfBXkg6UdHRJZ5B0YUk3knTSbMDXlPTapR7A950egTZCvJykV0k6UnbbfStN8G6SPjNgKBDkDSQ9RNJx03UmxAEAuunkCLDRfy4di+mcIzAb93c67sQR+naSnpQKo5gQJ5+aZTtsIsQrSHpDsqHECNEUb512zTGjhli/Ien46ehtDXEMiuu6BvPIDyR9LZ0G1jW65tGw9i6dfsbUc3pJPxoweOyIp5ZkQhwA2gZN0drZsLpOtBvc4qBL627AcfezyVESN3iFpOtL4ri8ibxbEvZIa4iboLiea68t6ZWVSeVDW0SIHHm/m0H4HEm3Ggjpi9Lx2YQ4ELgRzU+QzHI4bRchxI8mb1uM/dfJJvjLEQ9TXsJR484mxAmQXEcX70/25W0ixJtKen4G313TEXgIoretoiueYQ1xCGSj2/5fRYQPTlfvOCGilqKe5jJmwTQ9PTvxs02IoxfHmi7kyPj1tGtvEyHev4qUeGgG5IOyF64vvntLukWlKHBy+krfi9xuMAKHTNo84X3IjhPi+yRdLBs2MYPY/KbQDun28Mmx8jNJfxkMjy9YEwKPk3T3NKBtJsQPFlEUa8J4Tx8Lvoy3ZCDsKCFCfBiW85u+QxLe5jUIHr5zp+M7oRLYM3+TAr7xehMLOYWcQtJ5JJ1Q0r9SYPkHqpf/DyM7P50kQjwIYD9cGjPezI+n2M2R3f7XZWgthDkRT4ddrE7YkBgPbQkn4R+OEcKmCDL+ZBVviomkS4g3/bYk4viQTQhxp/CJZ7qlpH2KB7y6pNd3PfREv8/1vMwpoW68G8wrSRI4jPiH4wtHEKFEm8jRJF08OZSemILWm/rDifo/KXmDwHfCmlCsCGjnZNHlj0A7fGs6TcY9hhIi9z1fFU5FVAGB9n9PGMBz30xRBYRW/UfyG9ykirF6QfF096qcK4/ZBMEJrj1GRXb3qyb15pKO2tAfZMVR/BGJcMpmP0wEV/6dECImluMfz3+9Is4s2pN5c+90jz6PBCnx4oHfSRougGwJ6uXIhpe2lE8kYi7/zjUEBCPMH/+NXfYC6W9fSNkW+XXYzRj/KavwJxZak7BgXp00v5/XNCJL6YZVxtHVinCsuv4IwCejqU6mwKfPPNS1IcOKjKlceFmxC75wbKcd1831vMT3EgbE2E/WY+wQ4sMym+mj0hotL6VdbHb8hoLAaeAqWQA7pMt7UQqEzz2u2BLsTsYPJwzssAcjpBTzSaA87yJKSZewyTN/ueA4g7dYpyhSTUKiCO3CRnkwbfBZKawmvxjtEC1xKWHHe1vSrhgDGiE7OamAeJ144ZikeMnRWhgzu2EupGOhPaGCs8OFQC6QAN7SNqKI9pBybpCvw4WFxJjRZhHMDux0aF+YCVgw3C/I/U/Jg/+mojM0VUiOxciiD4kjHs/CBsALnksdIeYLn8XOvdil2SnZ9Qm8D5KlL9It2VlzUwna7RAzRxMhToXPJmuSuMMz1nTASQD7Iv87lcz1vKwL3gW8sAga10eSts5mdti0GdOO9yjW9+Ml3SNdw9jQ4lirrO0IUoekIBLCkVg7rLVS6gjxZklpCBLifcQnQfIG6/0yaV1FX++qYkDRznkHQpoUgab5KAmR5yWaBY0QQRPkfSSygI0JpYAol1BUnpfswbsa5xoiYIaWETfHmIl2tYScVtKnMk0EIiDMobRnXiiRNgHgCNrWuQqQY/yQYr7YOVZgFOcF4X/pG8Lg5b9gAgrAQzhOsmuVO1L8znWMOV42CAeCLjUSFjHjQDNFIBoWJfnedZIfL5jgj6V0s2jLkZcFz1G2jRCfmnb6OvMCzrMnZDd/WoXFHRvGw6JiHCF9j8xz4TN0faLpkm3VJDzby1NIERvHWJnreRk/tjX6RzDBXDelxdaNFe0R8kQxyAkxb8v7RTZOCIkUnHAgVgRtinXKMRQpCZGTA5k+IZy8uL5ca2iaaIchL0khTHXjLk92XUdmSJD5wvyHEDuNMlGOAWXqKem3RkKExcObE4OD6Tna7bTwcmNjCy3rx0mzwh5SJxypUdND7lmAHn8vCfFlKYum6flI9v9woT3iiX9zwwW5o4FdFi0LzbBO2HzYhELYxep2Yn4v7S1oyK+ptF4WMQSI5hz9tREiRN3kFWX3ZEOInRUtgyIHdbaesYQ4Fz5j1icmBPKYu+Tz6cXixW1af019zPG8bKaMKbQ55h4FoKvQxH3SiaIvITL/ZKrhaMVGDzmx4aJpYcbKCRElgXUVpx5ORByZm4TNCFIPYfzYFksZSohs4BAdwlyxfptONWTNYVuFxIkY2CU546L1xG7Ab3QUWlfXopn6d7QqCCLkf6t86Me23IQJyTVZjnynqmk/lBDpAk2B3TekKUyDBQJxx6799kpbvHwHMGgikAsC8WD7YJJKyUmJezTZVjiCMNFoArmwe/PsHIvapDyu0FedLXEMIc6Jz9j1h20VrbnMta/rj2Mda4GNF+WhS+Z6Xkw2jDuE4y8k1yWQDptzX0Lk9JKfAqL/INacELHDoYSEoMhwUmoSkjxemv2IJofNvZShhIgJDLshgkKFQtMmKEScCClcs0uCENHISk2QFyFyj7vAnvp3EuaxLYRgy6hzPOT3hUhOlP2BnZSSTbmMIcQIwo1+np6q9ZTPTAUfXq4QVPVndgCD1kGedwiGZGLbSskJkWN4/px5W+yJ7LwcV8YIxTpyGytZS6RbljKGEOfEZ8yzxjVsLgT/smnk5pGmPlEcOJHk5oW6tnM8L+8jDolQXLB/oyn20Vx5xzkBQKhhQ8zHXR6ZUShQLEph80ApeEAyHXH8ZE0GV/ThDezjed+sMdZaKUMJkVoL2ESRJqWoda0EIXJcAtxc2l68TRZgn2uZuLBVcP5noXYd3TnaYvcLIVcV42ouYwgRLY8jQMjBbA7Z30sSx7bJmNoEAz6BwiEc4e5bc0FfQuyDbVubkhBxANXZ0MYQ4pz4bPrcXM9xD80FLZowqS4hdIfc/iaZ43nLLBuOnpfqGmj2O1V7iMio03D7EmJ5O8ww2OBDyF7KN9W64WGKK+16kHzJQUMJEWfhlbIbtpm3amHLj8wQTu5pZddpCnPpmgOO2mGL6mrL7xBgFI4tc035LewlbX3hDceLFXKdZAPJrxlDiPSZe9qbCBHDNrFgIW32umiD0RkvXgiefjTSUnYHQpwTnz5rbEgbTiRo65hKiGFrkiZbNe3neF6OlrnZo+n4O+RZo+1YQiREJg9XYiPA+dklmOTCvERb7H0kbOQylBBLXwL3QBtm8+pVmDonxFwrY1Dheu8KoKx78LsMPLZx1AsPKyEg7DIhjOMXXeim8JHcBoqhFPLKZS5CZCMB8BLPLq2WjQNDdQh2FY5upUxFiOdIoUocWdhk0LzzOC1sLvnmM5WGODc+PZbHqCbMJ5lbOGByJ0B0hl2Ro15ZKWeu58Uulsd23mZAbGwXAGMJkRg+TA4hmBTy+qhN9yVRIX9fOHWUjqGhhIj5A4djqYxhd8dUgDmK3xslHxAVbs5WtMSbhBdrqPBSEQ/EYuEfHlB23VxwOmDEx4OFJ4sQGIS4QkqPbSoYadlRc5mLEInlG4NT+YxNXu9NCZEYQ2IW6xxNbThPRYhz47PpWulz/bXSBpvXB+U6nAy5ls/f5npezBe5rQ0NlmpDU8hYQoyCLZuOoc5mOZQQGQPHZJILmir3EwKHZ5mKRf+VkpwTIo1K7YS4JAyVmwo7WelgIFaI766UgpMBZ0MIQdbEJE4hcxEiTo7SO9z0fGOeYxNCLHdwqhkRmoDHscwpn8uGODc+YzAdcw0bO6eX/GXDToy9OJe5nhcnIUfLkME2spaHHkuI5TGejDHe9ylkDCFyX7RoiBqlrEk4Tj86RQ385ySXE2LpTaWjqSrdDCFE7A8wfAi2mDY7zhDg5yJENOIyPAVbaJ/wjD7jH0uIxEESxB2Cc4iXqEyXit/nIsS58emD4VRtsNuR8hmC1ze3HfP3uZ63tEvW2cnHPudYQiTqIs+kIv2XjJUpZCwhxr0hRBQsIlYiWLscF44YQnV2vRM5IRKUXb7ARLfn4S9jH3IIIeIdzqtpcxTl6D6FzEWI2C7L7JWz1GSojH2GsYSIsRujdwg2REwjTTIXIc6Nz1hcx1xHjCefHwjBa1varOZ6Xu6bx5hSTq+pkMfQZxtLiERGYGMNwdwVsYBDx1C235QQoz94Dvs4XnoiCXJnDm3IntkVRlWmwkTBz+gIux7xfH0qoLQ9/BBC5KUto9aJfSJ1aFOZixAZFy9Gbl8iXAc76RQylhDz2EzGR9RAm5NsLkKcG58hGBMfiOeRFwRj+1ABw7yoAS9tmeE11/OSrJBXn+LIl5PR0GfJ248lxDIVj4DsyDDbZDxcOxUh5uNgrsjyyo/TvCe7cptLQixDTGhDJZVIhxn7gEMIEc8nLy8BnyEc/XDAbCpzEmLpAawzto8d/xhCxNPJhhZeZLIOIne6aRxzEuKc+AzBNQrEEq+W19rr2wfxsbkxHqcgxRNKmeN5CYh+YHYj5otPckwhYwmxPNHheWfT6Iqw6DPmOQiR++L0wjeBpzsEQvxBXbJ0Gc9Hagvexj6hL00POYQQ6YO8yNwrTQBz7trvA2ZdmzkJsbSl1Bnbx457DCGiVf8xu2FTNkA+pjkJcU58huAahDimUjb3QbPIN+cnVxojYWalzPG8ZVEKgpsJNdnk3YxxjyVESKWMHyQwOw+dGzI/eduhhEiQOrnWddlV5Rg4IuMjCdll4qojxDJ5nAtQMSlZNSYmkeuHEuLDi4wN7IjEzm0a2jInIbJT12XGUAlmUxlDiNyT2MjQtCFHbF1zHJkpUhEpU03POic+Q/ANQkQ7zLMa+vZR1hBsevnneF60flLS8tqHTdlNfZ9nU0Lk+vI7TFNVIS8JsavYDBs65j1CpLqEky+e6JBGDZEGJIITG5gHDRPkjBG3yUPZNoChhEiQJiptnjlDYj0fCt9EFZ+TEBkrgaW5xxFNl3tu+gmGsYRI/ncestSVTthXQywdcDjj8g+4162FOfHpWvz570GIfavE5NcS7UAcWxSDICQtL5mVt53reW9fFW+lNFsI7wORA3kxlCF4TEGIeJXLJAiiVsi82kR4n/IIE/677dvZrF82ZpS6rurg5PuHZk9bNN0D2+qLkc9Jmau8sgq5k3TSGu1dIICGQqWaXD2lSVecXl46Kbqk2CRGXApPNgn3g8jrqvnOSYiMp/wGBH+DlAgSZxdtE2xTTZM4lhDLYxulwTh2lQTNMZAXjZ01z/ZpCswmDg87bx6P18cmNxc+Q166/CNTaBNUUiJItyu1i42F9yGC26PkWlvRkTmel3eWKIw8hxlS5H0hJKjr+Mx7R5vyeccemcGed471Xcb9YeriaFr3Lsac4TPgmeqcpuWY6Cu+41M357Ghd2nNvGtwWNgQKcqyq+JNV8FFLsRGQl5ntAV88hVZHBBkOQGAw/H2zKkSM5knUdU339ViYpoWM65xYoTK5HU0VI6hOAlImWInphQR90CzJJIfJ1Cd921uQuRZKKxJJZBS0CwIm8CjRRI7x1fGzPGHMfM8TSX3xxIiyfzUzsvT80irojgtueqEM2E7QeODJEnSJ3UypIkQ+b20NWPPIvWQHZxnQ1MmBrKsvDMHPmMJMa5jTljTxGmCV0RVsAaJeiDejxziqIZDzOlVixjPpjHM8by8l4TElQHhzAERGqwzNlf+Pw4O/hHQjZLDmiNOstwUNyFEnp13HkIqYzJxsvB34jWjkjdERPA6mwvXsXHkoXaBZZnrH+uOauxs3Chr8EGUQ8tPOJivWHto8UG2XIOJAwUtfBSsV07Eu5SRLkKMgbEoYGbii3INgt+Jv4MUuSkvApNVlzZDlD2go9oTjtLHHsiLTP05Cj/2qc0IcdA/QOZaLJOEpxothsUdAgkRx0VsHt7C2MkgdfKrWUCEz+RxVWgEHAUwrLPw6qpPk/GDrancCJpeGsiSKjf5sYcNg/AFJouk9RBwhvAxKfCP8bTtwGh+7IBtc81CwhzCYsnj2pgjyJP5Ko9EpHmiFbSVzGJTIjSklCnwGUKCeVvi+CjKQAHT3CSUt8E7z7yWaXpoVSQNcNqpqxPZNKY5npcKVWy8aDZ9i7BATmiSaG4oNjw/64t/2NTy4GUCrCFX1lh8bqILc4iOjDQ2iz7cQrYIOcY8Rx0fMD7ey7aUU4iUTwIgrNP47xgrzwnZ8b9sBLlyAFkyN/+Jv+4z6BwEBsiRixQmNAuIBhCCrAAc4z0Ph/EXMCEmNIW62mpdAMfv3AMiQ8ODqCBdxsK98HCxq/NysmuWifb00fSRqfz+HJv40BSCpkbYRJcAft3OxnVsHGTdUBwAYuMZcPfzsjFB4AKpomkz/lL6flsi/+hU03gpi0Z2BbF3aIUcd8GJDQqHWZQpKzNboj8wzlPG4u9sGHhr6Z/5YN55eXCyMC4Wc5Nsik/X3HT9zqYNqYMJpxk0deygkAs2Qt4NtGk0KUwNrAfIsKyx2XWf+H2u52W85Kpjy0Rx4TspnJggbzZKNCA2XLy+EEb+/ZKmj0yVz1R+dKrrman0REIHGiynNtYc2jbj4V2EaNloWft5JERdv9RZRMtGMeG/GT8mM1JPcYxxUgm/BpsEa5F1zNxyb04/4UzkVAQe3J+5ZP0fTIYSYhcQ/t0IGAEjsLUImBC3duo8cCNgBKZGwIQ4NaLuzwgYga1FwIS4tVPngRsBIzA1AibEqRF1f0bACGwtAibErZ06D9wIGIGpETAhTo2o+zMCRmBrETAhbu3UeeBGwAhMjYAJcWpE3Z8RMAJbi4AJcWunzgM3AkZgagRMiFMj6v6MgBHYWgRMiFs7dR64ETACUyNgQpwaUfdnBIzA1iJgQtzaqfPAjYARmBoBE+LUiLo/I2AEthYBE+LWTp0HbgSMwNQImBCnRtT9GQEjsLUImBC3duo8cCNgBKZGwIQ4NaLuzwgYga1FwIS4tVPngRsBIzA1AibEqRF1f0bACGwtAibErZ06D9wIGIGpETAhTo2o+5sDAT6tybe/m4TPbrZ9m3qOMbnP3RABE+JuOKm74SMdMn1rl2+B8++6xUfmTYi74aQv8UhrIcQ7VB+ff+oAAPp8nH1Ad72bXq/6AP0jJR1e0tOrj5k/uPeVyzX8bvoA+06MYD9J592BG31Z0hmy+5gQdwD0PeEWayHEk0i6lKTTSDq1pLNLOlExAZ+X9AVJvAwfkvSpHZ4gXkDuf6jsvteR9KodHsfQ25kQhyLm9nssAmshxHICbiHpOcUfTyzphwvO1K0lPau4/zMl3W7BMfW5dRDiSyS9Q9JPkj3uz5L+JOmfkv6V/l2/5hnPIekbDTdiczhi1d/tJd1XkjXEPjPiNqtFwITYf2r+R9K+RfM7DTzq97/bdC2DEM8p6TMd3d6kOl6/oGhzOklf77juipVW/2YT4nST5p6WQcCEOAz3R0i6d2U7BLc3SLq2pH8M62LHWwchHlPSr2cixDMnc4I1xB2fXt9wSgRMiMPRPFrlWDmspJ8Nv3SRKyBEnA5H7XH3sRoifRP2YkLsAbKbrBcBE+J652aqkUGIkNVZe3Q4lhDpmntwtLaXuQfQbrJOBEyI65yXKUd19+REeXGPTjchxDtX5oS/Snp2j/ts2sRhN5si6OtrETAhemHkCGxCiDuJpAlxJ9Heg+61uxPi8dIR7jiVNxinwt8k/VLSN1McIyEnS8spqnCY81RhRidMoS8HSPqApD8sMLC5CPFIKdOE0CnmgXX3qxRG9bERz7rThIinndhY1tHhJP1G0nckfVzS7yeaJ4L9z5dicbFTs07pn2e17BACuyMhEht3g+ol46h4phYc/yjp9VWg9UOr9pBQkzxX0s0bfrxtTdweTYmXhOBKuVvl3HhiCj6HfMh8OWlNO+xxeLN34vg5p4Z44coLfz9JF5F0mAYM2ZQIZ2IePthz3fclREKN2gL4yTYiS6pOGO8tJd1LEokDdUL8JllTD6oiDr5W06AunpZmkCiOqL0kXaUi1xtLukT6/2U370/rmfhRy8wI7G6EiEb4Fkm8CMi/JX00vWgUB2DnZae/dNrpacMLSTwhQdZ1EtecLYXZnCtr1ESIODAggStIunjWnpfn76kf8nO7BCJ+flejCX+fSkOETCDzm2Zj21/S26vN5QfJS09GEvGLFG4IeaGkW/UIZepLiGyOF0j3YYNkvUNcz5P0uRSX+bsa/BjT26rxnjv9xhp5q6RPVgT5lyo7CY2RkKvw3BPgTlD7m4q++J35J4b1RpKOkf1+l4oY2SCbyDbvCuxYtwTTW2ZEYHciRI5iaAMnS3j9XNK1UppfCSGL8OXpZYnf7inpcR1Y3z9pMtGsiRDjd0iR428IR/avSPpS+l+ORRwdOYZdsNIs0Sg4OoUQN4imibNiJ2QKQmRNvVHSldKAD0wbzjPSBpU/xxEkPaHKniELKATi4Vo2sybpS4hcz8bzssoDTpolZMicsDaahLlgHZ0xNfhRRYSXk/TF4oITpLmF2BGIEgJtOuKi/aIxh9AvffLv+ylGFGLlxAB55hsv16CpPmYnFsGefI/diRBfUy3Ga6TJ5GViV0Y7bJKjpIUfCxot4PwdR6xNCZEXk+N8k3D/D6eXONpcOWWB7MQ6nYIQSeN7WjZYjswEtLfJKxJhRZu7Vtr8k1ouGEKIaP63SemHENJPO8bCpog2iUDm2PXQDOsE7fMj2Q9olZwK6qQkxFO1mGrQbMn8gYhD0GjREi0zIrC7ECJOiU9kOHFsDg2lDb6rV5rAa7MG707H6aZr5iZE7ovmSnmrEOxTO1VVZ1NCRLtF8yEQHEETQ+Pp0nDRgr+VjtJchw2VvzUdEfsSIpWJsMXSN2TI2NqEcf84M6dwxL98xzU46E6Z2rAR87yYBUoZQohcy0bNUTmEDRt81+AInJGSlu16dyFEbE8YpkP47z5xd4dOMXrYCREWNBV3WOR1shOEyDGc42VIm+F/6tWzKSGW15MXfbOeg+SonJMP5gNsfXXShxDvURWeeKwkAtMhQ46lXVKWoaNwR5NtOfqiaEau9eMoQ+MtZSghcj3ZUHi2Q46dvM9dz+HfRyKwuxAimgiLJeTkKSyiDyx4mq+aNbxjceTL+9gJQoQUIIcQSAFy2AnZlBBzswXjhQzLYhFNz4Fj68nZj201L7sIEWcU0QFoapAhITJ9hNMCp4aQCyUTRtu1eMdZFyFopVT+KWUMIWLLDAch/S1d8akPhlvdZncgRMiPI1EIxRY4WhAS0Uewb90na8iOj1G7TnaCEC+TynTF/beJENHCeGmHEEq0pR7mu7JrIbMmD2wbIWJHfmXSriDDtpCqco4hzr2zP+JYwQnWJjg7HpU1oEQcWn4pYwgRMxDmoBATYp83eoM2QYgEBw+1Uz28IfZqg+H859Ih9RAvm8I54mJeyrrYvqZxEWu2T/YjBvR8EebXmRCbZ5dNqLT5DdHUcTKUdRfxQuO9LaWJEC+ZtGvi+8irJvwJz34fwRuNfS5XEogC6NpYGeORsxu8tNqgb2hC7AP5+trE5JOQT1T8ELnogEDaIf3SdgghYrPBextCaMXpB9wQBwaOjBAM2adtuN6E2AwsYSil0+K4HSEueW/HTw6N8m91XuE6QmTO3psK1kYfaP94ufsIdmQyUDaVpkgCa4ibIrsD1+8OhFhWsh4ankBYC3FzIbyAvJx1YkJsXpQ4o8pCsgQm901tixJi+R0gudzTGr+VhIitj6Bo+sgD3tH4sMHx6Ycu4ZMVpXeYddAVptPVb/xuQuyL1ILttokQyUKpq0FYOgIIeqZgaV+5ZqVRvjprjFcygrvLPkyIzahieyudF32K0kaPOMXKgGn6/F7NLUtCJICdLBCyXEiBIyA/5LMpYLrr6Ft3f0wvfbzTfdaaCbEPSgu32RanCuEw2IXqYrDIBaV6dQgOlogL6wMvITqE7YTwMSvS9OrEhNiMaN2Rc4gTAPJhM8qFPutS60pC5JoIAOeYjtkkYiH5jVjER3csBor+lvGSfPK0zFDps6bq2pgQxyK3g9dtCyFi28nzQHOIyqBsgnrzl6ELTlL28pSod1aVn3HUmBAPQqDPN1Vox1GVCj04GUJwavQ5rtKeVLU8IwQHDVVy6lL4SkIkq4XslhDCffIYRogOcmv6WFZcx/i5ZwghUARnTyEmxClQnLmPbSHENrsguafYqfJqKkO+04uHGU9zCN7zPK4snwJriO0LkrRDcrJDiO/M7bNtV5fOMdIu877ya7viEGn7vqqKzsWyi6ioQx5zW440jsW84jfhWHlIzSavowlxE/R26NqlCJEqHyxqUuXqpAyF4bjDsadJynitIR5wjkR5mTByUclJrRMTYvvChDyIywshlIvUwz7ylKrQBUHxIeQsn8ZQAAANJUlEQVQUo73XSR9CxGzC3ObFMsizzrOAyr7JCso/KwvB47CZQkyIU6A4cx9LESK2QEisSQOItKt4fHZ2Pk7fJCTv5ylWTdkC5fWl3Yqac/yt6Ut6JsT2BYlXOK8LiMZFwYouYR0SQE3cYgibVFPlmD6ESD9l0DRH4jM05BrTnjjGcpPuWntdzxa/mxD7IrVguyUJkbqAVJypc5S8KMsWwa7EMabtqENgLC9U5H3ircRT3FU/LiqhxBR0VWYxIXYvVmxuuQ0W2+CnOy6jtiDZJSHvkUTmSpP0JURy1Ul/yz+w1VawATsoTrk8W4VMFUiRIO1NxIS4CXo7dO2ShEiJIxwiZWklwh8gN8gSocQSZea7pPQ2Q6qE5DQJKV6vyuLW+Ig7pZ7avrNsQuyahYPS7Qh9ivnjvzkJNMUjUtUFe2EUiqUdDpDS45zfuS8hcs050udRWW8hZJKQUVInmEyolpQLWi9mnLZycrQnzIj6lnViQuxeO4u3WJoQifHCxkSZ9HgRKLHPjo5GSMJ/XluvCzCO2niM47kwrGPHYiFT2w7hWIedCHtSBPF+NdWeq4t5y+9pQuyagYN+x5lBKFSQIloXDgqKVkQqHto8VaaZ/2hHiA0bFRknbTKEEOnn8ak6dfQJaeE9p4p6nTykStl7QM0P2CRx8BHAHSccMnQ4jUSVpKbPsJoQ+62dRVstTYhND0/lYEirTwmvsg80RV6A3B7F4uUlIJMhDwtBG0SThEjr4t3QKtBgeHkgUrymefURjO44YMjQQItAs4V4OXKhbVKTkUrNIZQVe071d4KF0UgJEUK4DzYzCoAS6nG17Br6pWAANldexjYNdshi4kXGZsbLHP94xrxqEP2hqfFcBF3HP7JC6nKM8/tTGAEnRe6UABtIiJi/KLkW17B54VSp+zYJbYgc4ERBVWpCbPLrqbpNYQiKtZZmEjAlUDt39tAfc8fnGbBz1mXDoEXiJAKnPgJZUuUmd8gRAYHJAJJkzHkGFNV4sIuzFnjmMAmBP2uMcaMQ5OW/wBPlgbVA3UbLxAgsRYhMNN+aIOeYRYInkBcMwmBB4QncZMIJwYG8+HYKLxGLiheIlwViZAGyY1Puqe1oxlGPF6evhCOg6SNTeT/5kb5vLjm2OeIkpxBq+FHZZ4y0VXsu+6PiDN9OgRhJjyOeFLsx2SVo5JACR9T9OgbS9rGvuLT8pAM2xD4bSNN7AHGTyYTGCxHHOqJgBOuIkwXkRHVrAvpLafrIVNmODSnWIfPLum0TsGrSRMfMp69JCCxFiJ4AI2AEjMDqEDAhrm5KPCAjYASWQsCEuBTyvq8RMAKrQ8CEuLop8YCMgBFYCgET4lLI+75GwAisDgET4uqmxAMyAkZgKQRMiEsh7/saASOwOgRMiKubEg/ICBiBpRAwIS6FvO9rBIzA6hAwIa5uSjwgI2AElkLAhLgU8r6vETACq0PAhLi6KfGAjIARWAoBE+JSyPu+RsAIrA4BE+LqpsQDMgJGYCkETIhLIe/7GgEjsDoETIirmxIPyAgYgaUQMCEuhbzvawSMwOoQMCGubko8ICNgBJZCwIS4FPK+rxEwAqtDwIS4uinxgIyAEVgKARPiUsj7vkbACKwOARPi6qbEAzICRmApBEyISyHv+xoBI7A6BEyIq5sSD8gIGIGlEDAhLoW872sEjMDqEDAhrm5KPCAjYASWQsCEuBTyvq8RMAKrQ8CEuLop8YCMgBFYCoG1E+IxJF1S0nkknVnSiSUdV9LhJR1K0t8k/UXSryX9XNKPJR0g6ZuSviLpS+n3KfC9k6QnFx3dXNLzp+jcfRgBI7A8AmslxItLurOkyyXiK5H6h6TfSzqypL1aYPyXpNdKus4EUO8n6dxFP/tKuvAEfbsLI2AEVoDA2ghxb0n7JK0w4DlQ0rslvUvS+yR9X9LvMuyOIOn0ks4q6VKJRI+Y/f6pGiIbCv0pk9ZZXvdvSaeQ9J2hHbq9ETAC60NgTYTI0Rht7igZTO+XdHdJnx8AHcfpW1RH5XtJOmG69mwDrq9r+sDqjw9Kx/GTSzpk1ojfHrJh/77cCBiBFSCwFkKEDN8m6TAZJs+UdHtJaGFj5GJJo8SWeMYxHWTX7C/p1JVmeldJV5J00ey3b0lCg7QYASOw5QisgRBPlrS4XDN8kaSbbIjtsZOjBQcLZDZWzlUdwz8piaM7Tp3LVP/7vKKzC1bH/I+OvYGvMwJGYB0IrIEQsQuizYX8QtJpKqfKbyaA6GeS/iwJ0h0rT0oOng+kcR5V0k8lHS7r8DmVh/tWY2/g64yAEVgHAksT4qUlvbOA4g6Snj4RPO+VdFpJJxrZH6E9P0qhPhAexIe8RtI1sj5x8hxP0l9H3seXGQEjsAIElibEd6QjaEBBOA3EQlzhFIJNEgcI8YpjJAi7HNeVK6/2G4sOCe151Zib+BojYATWgcCShHgcST8pPLZvlXTFdUCzaxQvlnRDSeW4IFqOzQSOh0DuxE1ajIAR2FIEliTEG1QxfC8pcLunpMetBEvCd8h+OVIVbsNYX1aM61kVod86+xtB4BzNIUqLETACW4jAkoT4DEm3LTDDg0sA9hqEI/ArUuof2uwfi0HhWf5w8bd7VNkzj1/D4D0GI2AEhiOwJCFCJpBKLmhYODHWIG+RdIUqC+bVkq5dMyCwIwYx92CTO03OtcUIGIEtRGBJQvxeVRjhJAVmh5bE0XNpOWayb2IrvGqNAyXG9zBJ9ysGS1bMkMyapZ/V9zcCRiAhsCQhEqJy2GwmqFpDXvIa5HYp9IdwGqrrNHmpCen5WjFg4hbJaLEYASOwZQgsRYjcl8yPXHBgQD5rELJOzi/pBVUxiZt1DOgzks6eteE5yKH+5xoexGMwAkagPwJLESJH0b8Xw8R2ODaAuv8Td7fEJvjt1IzqOe/puARt8AlFG0KHCNWxGAEjsEUILEWIQIStMK8aQ31D0uKWFmyC2AbR9E7Qw6ZJIPkPi7qNVO255tIP4vsbASMwDIEgRGr6PXjYpXp4jf1sSBfkLB8ru4CqNqTKja1uM+TebW2/WmWcnC5lndy/Z6cvTVW9ozk2x+NPlI/dcwhuZgSMwKYIBCGeV9LHB3ZGCawPDrwmb17a3vgNgvzVBn1ueike4s9u2km6nhhLgrctRsAIbAkCSxLiC6tK0zcucOLTARSFXUrIkqEg7RTCBoNjxmIEjMCWILAkIVI95tkFTkum7mHP5PMEeIifVmmqdxw4hxS4LXOZqcNIPUaLETACW4DAkk4VHBY4I/IxLFncAe2UcmHIBarvs3xs4PxRBIJiELngnHnAwH7c3AgYgYUQWJIQeWRqIVJiK4TYPUJvKOw6hfDhKY7meI7R4NqEz4netPpHBg2hN0OdO3wBEM90Xjh2bF9TPLv7MAJGYCACSxMijpnSZnifilQeNfA5mprHsfx6qVBDUztIjCo1hP08Jn2gaswQXifpasWFVAOn2rbFCBiBlSOwNCECz+tTvnBA9Yf0WVGO05tKVNQhJpDYwCah+jVVsJFNcpG5D8UgckFDRfO0GAEjsHIE1kCIfAyKYgjYFEMotkq2x6aFHiIF7yoV0b2pZS7eUI2BNl9PMYhjpy2voRh9UDaMlES+7WIxAkZgxQisgRCBh5JZxDQePcMKTev6G+QEUziC4G9se5evPlb/9oZ54J4cl/eqfufby0MD1MtuXy7pusUfcbgQvG0xAkZgxQishRCB6Awp/3fvDC80PMJfPjcAQ7Jd+HbyY6uK3GTgIG05ybestNN9Uju+9veNAfeqa8q9S20U7zXfnrYYASOwYgTWRIjAhFODQgl8kznynKmKwwedIBmqadd5oPEKU3HmwimHmPziXNqyaj5UOXYulDJUzjHBXKFpMsajZX3xDCdNYUYT3MJdGAEjMAcCayPEeEaO0GSM4KTALpcLecIchbHJQaAQT15XMW/L1/v2TfUJv5t+oIYhoT7cg3+QIDhQXAJNdP/0jxS+vqmJfIWP/Gc0TP5BzuWYcBJhK6V+Iv+IueQ5LEbACKwEgbUSYsBzREmXSJ8aOEsVU8hxGgcFhWQZO+RIodnfpgrXlBA7oPpm8per8JcvSqJQQxlPSEjPvXrg/4VKMyWOsY+UxW77XNNWibvP9W5jBIzAxAisnRAnflx3ZwSMgBFoRsCE6NVhBIyAEUgImBC9FIyAETACJkSvASNgBIzAwRGwhugVYQSMgBGwhug1YASMgBGwhug1YASMgBGoRcBHZi8MI2AEjICPzF4DRsAIGAEfmb0GjIARMAI+MnsNGAEjYATaELAN0evDCBgBI2AboteAETACRsA2RK8BI2AEjIBtiF4DRsAIGAHbEL0GjIARMAI9ELBTpQdIbmIEjMCegYAJcc+YZz+lETACPRAwIfYAyU2MgBHYMxAwIe4Z8+ynNAJGoAcCJsQeILmJETACewYCJsQ9Y579lEbACPRAwITYAyQ3MQJGYM9AwIS4Z8yzn9IIGIEeCPw/FI65QJnOAtwAAAAASUVORK5CYII="/></switch></g></g></g><g data-cell-id="7QqzYbiBiShg53c-Jw5P-68"><g><path d="M 285 275.11 L 285 302.76" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="stroke"/><path d="M 282.67 296.88 L 285 303.88 L 287.33 296.88" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="Vi5QHpNjJtGqgJKW9Ny1-1"><g><path d="M 145.28 89.32 Q 165 25 210 25 Q 255 25 313.68 105.69" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" stroke-dasharray="1 2" pointer-events="stroke"/><path d="M 308.34 102.31 L 314.34 106.6 L 312.11 99.56" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g><g data-cell-id="Vi5QHpNjJtGqgJKW9Ny1-2"><g><path d="M 145 95 Q 175 65 225 80 Q 275 95 302.9 164.37" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" stroke-dasharray="1 2" pointer-events="stroke"/><path d="M 298.54 159.78 L 303.31 165.4 L 302.87 158.04" fill="none" stroke="rgb(0, 0, 0)" stroke-miterlimit="10" pointer-events="all"/></g></g></g></g></g></svg>
diff --git a/docs/src/capi/explanation/index.md b/docs/src/capi/explanation/index.md
index 61336858e..775dd26a3 100644
--- a/docs/src/capi/explanation/index.md
+++ b/docs/src/capi/explanation/index.md
@@ -15,6 +15,7 @@ Overview <self>
 
 about
 security
+capi-ck8s.md
 
 ```
 
diff --git a/docs/src/capi/howto/custom-ck8s.md b/docs/src/capi/howto/custom-ck8s.md
new file mode 100644
index 000000000..d81191980
--- /dev/null
+++ b/docs/src/capi/howto/custom-ck8s.md
@@ -0,0 +1,64 @@
+# Install custom {{product}} on machines
+
+By default, the `version` field in the machine specifications will determine which {{product}} is downloaded from the `stable` rist level. While you can install different versions of the `stable` risk level by changing the `version` field, extra steps should be taken if you're willing to install a specific risk level.
+This guide walks you through the process of installing custom {{product}} on workload cluster machines.
+
+## Prerequisites
+
+To follow this guide, you will need:
+
+- A Kubernetes management cluster with Cluster API and providers installed and configured.
+- A generated cluster spec manifest
+
+Please refer to the [getting-started guide][getting-started] for further
+details on the required setup.
+
+In this guide we call the generated cluster spec manifrst `cluster.yaml`.
+
+## Overwrite the existing `install.sh` script
+
+The installation of the {{product}} snap is done via running the `install.sh` script in the cloud-init.
+While this file is automatically placed in every workload cluster machine which hard-coded content by {{product}} providers, you can overwrite this file to make sure your desired content is available in the script. 
+
+As an example, let's overwrite the `install.sh` for our control plane nodes. Inside the `cluster.yaml`, add the new file content:
+```yaml
+apiVersion: controlplane.cluster.x-k8s.io/v1beta2
+kind: CK8sControlPlane
+...
+spec:
+  ...
+  spec:
+    files:
+    - content: |
+        #!/bin/bash -xe
+        snap install k8s --classic --channel=latest/edge
+      owner: root:root
+      path: /capi/scripts/install.sh
+      permissions: "0500"
+```
+
+Now the new control plane nodes that are created using this manifest will have the `latest/edge` {{product}} snap installed on them!
+
+## Use `preRunCommands`
+
+As mentioned above, the `install.sh` script is responsible for installing {{product}} snap on machines. `preRunCommands` are executed before `install.sh`. You can also add an install command to the `preRunCommands` in order to install your desired {{product}} version. 
+
+```{note}
+Installing the {{product}} snap via the `preRunCommands`, does not prevent the `install.sh` script from running. Instead, the installation process in the `install.sh` will fail with a message indicating that `k8s` is already installed.
+This is not considered a standard way and overwriting the `install.sh` script is recommended.
+```
+
+Edit the `cluster.yaml` to add the installation command:
+```yaml
+apiVersion: controlplane.cluster.x-k8s.io/v1beta2
+kind: CK8sControlPlane
+...
+spec:
+  ...
+  spec:
+    preRunCommands:
+    - snap install k8s --classic --channel=latest/edge
+```
+
+<!-- LINKS -->
+[getting-started]: ../tutorial/getting-started.md
diff --git a/docs/src/capi/howto/index.md b/docs/src/capi/howto/index.md
index f013e6b35..375a5025a 100644
--- a/docs/src/capi/howto/index.md
+++ b/docs/src/capi/howto/index.md
@@ -16,6 +16,9 @@ Overview <self>
 
 external-etcd
 rollout-upgrades
+upgrade-providers
+migrate-management
+custom-ck8s
 ```
 
 ---
diff --git a/docs/src/capi/howto/migrate-management.md b/docs/src/capi/howto/migrate-management.md
new file mode 100644
index 000000000..11a1474f3
--- /dev/null
+++ b/docs/src/capi/howto/migrate-management.md
@@ -0,0 +1,29 @@
+# Migrate the managment cluster
+
+Management cluster migration is a really powerful operation in the cluster’s lifecycle as it allows admins
+to move the management cluster in a more reliable substrate or perform maintenance tasks without disruptions.
+In this guide we will walk through the migration of a management cluster.
+
+## Prerequisites
+
+In the [Cluster provisioning with CAPI and {{product}} tutorial] we showed how to provision a workloads cluster. Here, we start from the point where the workloads cluster is available and we will migrate the management cluster to the one cluster we just provisioned.
+
+## Install the same set of providers to the provisioned cluster
+
+Before migrating a cluster, we must make sure that both the target and source management clusters run the same version of providers (infrastructure, bootstrap, control plane). To do so, `clusterctl init` should be called against the target cluster:
+
+```
+clusterctl get kubeconfig <provisioned-cluster> > targetconfig
+clusterctl init --kubeconfig=$PWD/targetconfig --bootstrap ck8s --control-plane ck8s --infrastructure <infra-provider-of-choice>
+```
+
+## Move the cluster
+
+Simply call:
+
+```
+clusterctl move --to-kubeconfig=$PWD/targetconfig
+```
+
+<!-- LINKS -->
+[Cluster provisioning with CAPI and {{product}} tutorial]: ../tutorial/getting-started.md
diff --git a/docs/src/capi/howto/upgrade-providers.md b/docs/src/capi/howto/upgrade-providers.md
new file mode 100644
index 000000000..5188c2413
--- /dev/null
+++ b/docs/src/capi/howto/upgrade-providers.md
@@ -0,0 +1,53 @@
+# Upgrading the providers of a management cluster
+
+In this guide we will go through the process of upgrading providers of a management cluster.
+
+## Prerequisites
+
+We assume we already have a management cluster and the infrastructure provider configured as described in the [Cluster provisioning with CAPI and {{product}} tutorial]. The selected infrastructure provider is AWS. We have not yet called `clusterctl init` to initialise the cluster.
+
+## Initialise the cluster
+
+To demonstrate the steps of upgrading the management cluster, we will begin by initialising a desired version of the {{product}} CAPI providers.
+
+To set the version of the providers to be installed we use the following notation:
+
+```
+clusterctl init --bootstrap ck8s:v0.1.2 --control-plane ck8s:v0.1.2 --infrastructure <infra-provider-of-choice>
+```
+
+## Check for updates
+
+With `clusterctl` we can check if there are any new versions of the running providers:
+
+```
+clusterctl upgrade plan
+```
+
+The output shows the existing version of each provider as well as the version that we can upgrade into:
+
+```text
+NAME                 NAMESPACE       TYPE                     CURRENT VERSION   NEXT VERSION
+bootstrap-ck8s       cabpck-system   BootstrapProvider        v0.1.2            v0.2.0
+control-plane-ck8s   cacpck-system   ControlPlaneProvider     v0.1.2            v0.2.0
+cluster-api          capi-system     CoreProvider             v1.8.1            Already up to date
+infrastructure-aws   capa-system     InfrastructureProvider   v2.6.1            Already up to date
+```
+
+## Trigger providers upgrade
+
+To apply the upgrade plan recommended by `clusterctl upgrade plan`, simply:
+
+```
+clusterctl upgrade apply --contract v1beta1
+```
+
+To upgrade each provider one by one, issue:
+
+```
+clusterctl upgrade apply --bootstrap cabpck-system/ck8s:v0.2.0
+clusterctl upgrade apply --control-plane cacpck-system/ck8s:v0.2.0
+```
+
+<!-- LINKS -->
+[Cluster provisioning with CAPI and {{product}} tutorial]: ../tutorial/getting-started.md
diff --git a/docs/src/capi/reference/configs.md b/docs/src/capi/reference/configs.md
new file mode 100644
index 000000000..60ce9bebe
--- /dev/null
+++ b/docs/src/capi/reference/configs.md
@@ -0,0 +1,224 @@
+# Providers Configurations
+
+{{product}} bootstrap and control plane providers (CABPCK and CACPCK) can be configured to aid the cluster admin in reaching the desired state for the workload cluster. In this section we will go through different configurations that each one of these providers expose.
+
+## Common Configurations
+
+The following configurations are available for both bootstrap and control plane providers.
+
+### `version`
+**Type:** `string`
+
+**Required:** yes
+
+`version` is used to specify the {{product}} version installed on the nodes.
+
+```{note}
+The {{product}} providers will install the latest patch in the `stable` risk level by default, e.g. `1.30/stable`. Patch versions specified in this configuration will be ignored.
+
+To install a specific track or risk level, see [Install custom {{product}} on machines] guide.
+```
+
+**Example Usage:**
+```yaml
+spec:
+    version: 1.30
+```
+
+### `files`
+**Type:** `struct`
+
+**Required:** no
+
+`files` can be used to add new files to the machines or overwrite existing files.
+
+**Fields:**
+
+| Name | Type | Description | Default |
+|------|------|-------------|---------|
+| `path` | `string` | Where the file should be created | `""` |
+| `content` | `string` | Content of the created file | `""` |
+| `permissions` | `string` | Permissions of the file to create, e.g. "0600" | `""` |
+| `owner` | `string` | Owner of the file to create, e.g. "root:root" | `""` |
+
+**Example Usage:**
+```yaml
+spec:
+    files:
+        path: "/path/to/my-file"
+        content: |
+            #!/bin/bash -xe
+            echo "hello from my-file
+        permissions: "0500"
+        owner: root:root
+```
+
+### `bootCommands`
+**Type:** `[]string`
+
+**Required:** no
+
+`bootCommands` specifies extra commands to run in cloud-init early in the boot process.
+
+**Example Usage:** 
+```yaml
+spec:
+    bootCommands: 
+        - echo "first-command"
+        - echo "second-command"
+```
+
+### `preRunCommands`
+**Type:** `[]string`
+
+**Required:** no
+
+`preRunCommands` specifies extra commands to run in cloud-init before k8s-snap setup runs.
+
+```{note}
+`preRunCommands` can also be used to install custom {{product}} versions on machines. See [Install custom {{product}} on machines] guide for more info.
+```
+
+**Example Usage:** 
+```yaml
+spec:
+    preRunCommands:
+        - echo "first-command"
+        - echo "second-command"
+```
+
+### `postRunCommands`
+**Type:** `[]string`
+
+**Required:** no
+
+`postRunCommands` specifies extra commands to run in cloud-init after k8s-snap setup runs.
+
+**Example Usage:** 
+```yaml
+spec:
+    postRunCommands:
+        - echo "first-command"
+        - echo "second-command"
+```
+
+### `airGapped`
+**Type:** `bool`
+
+**Required:** no
+
+`airGapped` is used to signal that we are deploying to an airgap environment. In this case, the provider will not attempt to install k8s-snap on the machine. The user is expected to install k8s-snap manually with [`preRunCommands`](#preRunCommands), or provide an image with k8s-snap pre-installed.
+
+**Example Usage:**
+```yaml
+spec:
+    airGapped: true
+```
+
+### `initConfig`
+**Type:** `struct`
+
+**Required:** no
+
+`initConfig` is configuration for the initializing the cluster features
+
+**Fields:**
+
+| Name | Type | Description | Default |
+|------|------|-------------|---------|
+| `annotations` | `map[string]string` | Are used to configure the behaviour of the built-in features. | `nil` |
+| `enableDefaultDNS` | `bool` | Specifies whether to enable the default DNS configuration. | `true` |
+| `enableDefaultLocalStorage` | `bool` | Specifies whether to enable the default local storage. | `true` |
+| `enableDefaultMetricsServer` | `bool` | Specifies whether to enable the default metrics server. | `true` |
+| `enableDefaultNetwork` | `bool` | Specifies whether to enable the default CNI. | `true` |
+
+
+**Example Usage:**
+```yaml
+spec:
+    initConfig:
+        annotations:
+            annotationKey: "annotationValue"
+        enableDefaultDNS: false
+        enableDefaultLocalStorage: true
+        enableDefaultMetricsServer: false
+        enableDefaultNetwork: true
+```
+
+### `nodeName`
+**Type:** `string`
+
+**Required:** no
+
+`nodeName` is the name to use for the kubelet of this node. It is needed for clouds where the cloud-provider has specific pre-requisites about the node names. It is typically set in Jinja template form, e.g. `"{{ ds.meta_data.local_hostname }}"`.
+
+**Example Usage:**
+```yaml
+spec:
+    nodeName: "{{ ds.meta_data.local_hostname }}"
+```
+
+## Control plane provider (CACPCK)
+
+The following configurations are only available for the control plane provider.
+
+### `replicas`
+**Type:** `int32`
+
+**Required:** no
+
+`replicas` is the number of desired machines. Defaults to 1. When stacked etcd is used only odd numbers are permitted, as per [etcd best practice].
+
+**Example Usage:**
+```yaml
+spec:
+    replicas: 2
+```
+
+### `controlPlane`
+**Type:** `struct`
+
+**Required:** no
+
+`controlPlane` is configuration for control plane nodes.
+
+**Fields:**
+
+| Name | Type | Description | Default |
+|------|------|-------------|---------|
+| `extraSANs` | `[]string` | A list of SANs to include in the server certificates. | `[]` |
+| `cloudProvider` | `string` | The cloud-provider configuration option to set. | `""` |
+| `nodeTaints` | `[]string` | Taints to add to the control plane kubelet nodes. | `[]` |
+| `datastoreType` | `string` | The type of datastore to use for the control plane. | `""` |
+| `datastoreServersSecretRef` | `struct{name:str, key:str}` | A reference to a secret containing the datastore servers. | `{}` |
+| `k8sDqlitePort` | `int` | The port to use for k8s-dqlite. If unset, 2379 (etcd) will be used. | `2379` |
+| `microclusterAddress` | `string` | The address (or CIDR) to use for microcluster. If unset, the default node interface is chosen. | `""` |
+| `microclusterPort` | `int` | The port to use for microcluster. If unset, ":2380" (etcd peer) will be used. | `":2380"` |
+| `extraKubeAPIServerArgs` | `map[string]string` | Extra arguments to add to kube-apiserver. | `map[]` |
+
+**Example Usage:**
+```yaml
+spec:
+    controlPlane:
+        extraSANs:
+            - extra.san
+        cloudProvider: external
+        nodeTaints:
+            - myTaint
+        datastoreType: k8s-dqlite
+        datastoreServersSecretRef:
+            name: sfName
+            key: sfKey
+        k8sDqlitePort: 2379
+        microclusterAddress: my.address
+        microclusterPort: ":2380"
+        extraKubeAPIServerArgs:
+            argKey: argVal
+```
+
+<!-- LINKS -->
+[Install custom {{product}} on machines]: ../howto/custom-ck8s.md
+[etcd best practices]: https://etcd.io/docs/v3.5/faq/#why-an-odd-number-of-cluster-members
+
+
+
diff --git a/docs/src/capi/reference/index.md b/docs/src/capi/reference/index.md
index b98291faf..1712305ec 100644
--- a/docs/src/capi/reference/index.md
+++ b/docs/src/capi/reference/index.md
@@ -12,6 +12,7 @@ Overview <self>
 :titlesonly:
 releases
 community
+configs
 
 ```
 

From 2273e4a2629cc3525419f5283ea6d49d2a06fa67 Mon Sep 17 00:00:00 2001
From: Benjamin Schimke <benjamin.schimke@canonical.com>
Date: Tue, 10 Sep 2024 13:33:26 +0200
Subject: [PATCH 30/45] Add annotations docs (#652)

---------

Co-authored-by: Nick Veitch <nick.veitch@canonical.com>
---
 docs/src/capi/reference/annotations.md | 15 +++++++++++++++
 docs/src/capi/reference/index.md       |  1 +
 docs/src/snap/reference/annotations.md | 13 +++++++++++++
 docs/src/snap/reference/index.md       |  1 +
 4 files changed, 30 insertions(+)
 create mode 100644 docs/src/capi/reference/annotations.md
 create mode 100644 docs/src/snap/reference/annotations.md

diff --git a/docs/src/capi/reference/annotations.md b/docs/src/capi/reference/annotations.md
new file mode 100644
index 000000000..8f9e87fa9
--- /dev/null
+++ b/docs/src/capi/reference/annotations.md
@@ -0,0 +1,15 @@
+# Annotations
+
+Like annotations for other Kubernetes objects, CAPI annotations are key-value
+pairs that can be used to reflect additional metadata for CAPI resources.
+
+## Machine
+
+The following annotations can be set on CAPI `Machine` resources.
+
+| Name                                          | Description                                          | Values                       | Set by user |
+|-----------------------------------------------|------------------------------------------------------|------------------------------|-------------|
+| `v1beta2.k8sd.io/in-place-upgrade-to`         | Trigger a Kubernetes version upgrade on that machine | snap version e.g.:<br>- `localPath=/full/path/to/k8s.snap`<br>- `revision=123`<br>- `channel=latest/edge` | yes |
+| `v1beta2.k8sd.io/in-place-upgrade-status`     | The status of the version upgrade                    | in-progress\|done\|failed    | no          |
+| `v1beta2.k8sd.io/in-place-upgrade-release`    | The current version on the machine                   | snap version e.g.:<br>- `localPath=/full/path/to/k8s.snap`<br>- `revision=123`<br>- `channel=latest/edge` | no |
+| `v1beta2.k8sd.io/in-place-upgrade-change-id`  | The ID of the currently running upgrade              | ID string                    | no          |
diff --git a/docs/src/capi/reference/index.md b/docs/src/capi/reference/index.md
index 1712305ec..cd239300c 100644
--- a/docs/src/capi/reference/index.md
+++ b/docs/src/capi/reference/index.md
@@ -11,6 +11,7 @@ Overview <self>
 ```{toctree}
 :titlesonly:
 releases
+annotations
 community
 configs
 
diff --git a/docs/src/snap/reference/annotations.md b/docs/src/snap/reference/annotations.md
new file mode 100644
index 000000000..b5e4404d8
--- /dev/null
+++ b/docs/src/snap/reference/annotations.md
@@ -0,0 +1,13 @@
+# Annotations
+
+This page outlines the annotations that can be configured during cluster
+[bootstrap]. To do this, set the cluster-config/annotations parameter in
+the bootstrap configuration.
+
+| Name                                                          | Description                                                                                                                                                                                                                                       | Values          |
+|---------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-----------------|
+| `k8sd/v1alpha/lifecycle/skip-cleanup-kubernetes-node-on-remove` | If set, only microcluster and file cleanup are performed.  This is helpful when an external controller (e.g., CAPI) manages the Kubernetes node lifecycle. By default,  k8sd will remove the Kubernetes node when it is removed from the cluster. | "true"\|"false" |
+
+<!-- Links -->
+
+[bootstrap]: /snap/reference/bootstrap-config-reference
diff --git a/docs/src/snap/reference/index.md b/docs/src/snap/reference/index.md
index bb2a5735a..f1720e760 100644
--- a/docs/src/snap/reference/index.md
+++ b/docs/src/snap/reference/index.md
@@ -13,6 +13,7 @@ Overview <self>
 
 releases
 commands
+annotations
 certificates
 bootstrap-config-reference
 proxy

From 494f4f80abb5361dc387ae519d8c8e172a596169 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Berkay=20Tekin=20=C3=96z?= <berkay.tekinoz@canonical.com>
Date: Wed, 11 Sep 2024 08:55:54 +0300
Subject: [PATCH 31/45] Change default cgroup driver to systemd (#661)

---
 src/k8s/pkg/k8sd/setup/containerd.go   | 3 +++
 src/k8s/pkg/k8sd/setup/kubelet.go      | 1 +
 src/k8s/pkg/k8sd/setup/kubelet_test.go | 6 ++++++
 3 files changed, 10 insertions(+)

diff --git a/src/k8s/pkg/k8sd/setup/containerd.go b/src/k8s/pkg/k8sd/setup/containerd.go
index b756de190..dbf1545ec 100644
--- a/src/k8s/pkg/k8sd/setup/containerd.go
+++ b/src/k8s/pkg/k8sd/setup/containerd.go
@@ -68,6 +68,9 @@ func defaultContainerdConfig(
 					"runtimes": map[string]any{
 						"runc": map[string]any{
 							"runtime_type": "io.containerd.runc.v2",
+							"options": map[string]any{
+								"SystemdCgroup": true,
+							},
 						},
 					},
 				},
diff --git a/src/k8s/pkg/k8sd/setup/kubelet.go b/src/k8s/pkg/k8sd/setup/kubelet.go
index cdfa82f97..ff4cd9e0f 100644
--- a/src/k8s/pkg/k8sd/setup/kubelet.go
+++ b/src/k8s/pkg/k8sd/setup/kubelet.go
@@ -54,6 +54,7 @@ func kubelet(snap snap.Snap, hostname string, nodeIP net.IP, clusterDNS string,
 		"--client-ca-file":               filepath.Join(snap.KubernetesPKIDir(), "client-ca.crt"),
 		"--container-runtime-endpoint":   filepath.Join(snap.ContainerdSocketDir(), "containerd.sock"),
 		"--containerd":                   filepath.Join(snap.ContainerdSocketDir(), "containerd.sock"),
+		"--cgroup-driver":                "systemd",
 		"--eviction-hard":                "'memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi'",
 		"--fail-swap-on":                 "false",
 		"--kubeconfig":                   filepath.Join(snap.KubernetesConfigDir(), "kubelet.conf"),
diff --git a/src/k8s/pkg/k8sd/setup/kubelet_test.go b/src/k8s/pkg/k8sd/setup/kubelet_test.go
index b8e1656bc..99129e3d5 100644
--- a/src/k8s/pkg/k8sd/setup/kubelet_test.go
+++ b/src/k8s/pkg/k8sd/setup/kubelet_test.go
@@ -59,6 +59,7 @@ func TestKubelet(t *testing.T) {
 			{key: "--client-ca-file", expectedVal: filepath.Join(s.Mock.KubernetesPKIDir, "client-ca.crt")},
 			{key: "--container-runtime-endpoint", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
 			{key: "--containerd", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
+			{key: "--cgroup-driver", expectedVal: "systemd"},
 			{key: "--eviction-hard", expectedVal: "'memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi'"},
 			{key: "--fail-swap-on", expectedVal: "false"},
 			{key: "--hostname-override", expectedVal: "dev"},
@@ -116,6 +117,7 @@ func TestKubelet(t *testing.T) {
 			{key: "--client-ca-file", expectedVal: filepath.Join(s.Mock.KubernetesPKIDir, "client-ca.crt")},
 			{key: "--container-runtime-endpoint", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
 			{key: "--containerd", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
+			{key: "--cgroup-driver", expectedVal: "systemd"},
 			{key: "--eviction-hard", expectedVal: "'memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi'"},
 			{key: "--fail-swap-on", expectedVal: "false"},
 			{key: "--hostname-override", expectedVal: "dev"},
@@ -173,6 +175,7 @@ func TestKubelet(t *testing.T) {
 			{key: "--client-ca-file", expectedVal: filepath.Join(s.Mock.KubernetesPKIDir, "client-ca.crt")},
 			{key: "--container-runtime-endpoint", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
 			{key: "--containerd", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
+			{key: "--cgroup-driver", expectedVal: "systemd"},
 			{key: "--eviction-hard", expectedVal: "'memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi'"},
 			{key: "--fail-swap-on", expectedVal: "false"},
 			{key: "--hostname-override", expectedVal: "dev"},
@@ -221,6 +224,7 @@ func TestKubelet(t *testing.T) {
 			{key: "--client-ca-file", expectedVal: filepath.Join(s.Mock.KubernetesPKIDir, "client-ca.crt")},
 			{key: "--container-runtime-endpoint", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
 			{key: "--containerd", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
+			{key: "--cgroup-driver", expectedVal: "systemd"},
 			{key: "--eviction-hard", expectedVal: "'memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi'"},
 			{key: "--fail-swap-on", expectedVal: "false"},
 			{key: "--hostname-override", expectedVal: "dev"},
@@ -278,6 +282,7 @@ func TestKubelet(t *testing.T) {
 			{key: "--client-ca-file", expectedVal: filepath.Join(s.Mock.KubernetesPKIDir, "client-ca.crt")},
 			{key: "--container-runtime-endpoint", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
 			{key: "--containerd", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
+			{key: "--cgroup-driver", expectedVal: "systemd"},
 			{key: "--eviction-hard", expectedVal: "'memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi'"},
 			{key: "--fail-swap-on", expectedVal: "false"},
 			{key: "--hostname-override", expectedVal: "dev"},
@@ -334,6 +339,7 @@ func TestKubelet(t *testing.T) {
 			{key: "--client-ca-file", expectedVal: filepath.Join(s.Mock.KubernetesPKIDir, "client-ca.crt")},
 			{key: "--container-runtime-endpoint", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
 			{key: "--containerd", expectedVal: filepath.Join(s.Mock.ContainerdSocketDir, "containerd.sock")},
+			{key: "--cgroup-driver", expectedVal: "systemd"},
 			{key: "--eviction-hard", expectedVal: "'memory.available<100Mi,nodefs.available<1Gi,imagefs.available<1Gi'"},
 			{key: "--fail-swap-on", expectedVal: "false"},
 			{key: "--hostname-override", expectedVal: "dev"},

From 5966752a7421bd7d322c9226279008e66de82a54 Mon Sep 17 00:00:00 2001
From: Adam Dyess <adam.dyess@canonical.com>
Date: Thu, 12 Sep 2024 13:45:30 -0500
Subject: [PATCH 32/45] Introduce tests to ensure branches and lp-recipes exist
 (#663)

---
 .github/workflows/integration.yaml            | 16 ++++
 tests/branch_management/.copyright.tmpl       |  1 +
 tests/branch_management/requirements-dev.txt  |  5 +
 tests/branch_management/requirements-test.txt |  7 ++
 tests/branch_management/tests/conftest.py     | 27 ++++++
 .../branch_management/tests/test_branches.py  | 93 +++++++++++++++++++
 tests/branch_management/tox.ini               | 52 +++++++++++
 7 files changed, 201 insertions(+)
 create mode 100644 tests/branch_management/.copyright.tmpl
 create mode 100644 tests/branch_management/requirements-dev.txt
 create mode 100644 tests/branch_management/requirements-test.txt
 create mode 100644 tests/branch_management/tests/conftest.py
 create mode 100644 tests/branch_management/tests/test_branches.py
 create mode 100644 tests/branch_management/tox.ini

diff --git a/.github/workflows/integration.yaml b/.github/workflows/integration.yaml
index 8f5b0eb40..6a58c1194 100644
--- a/.github/workflows/integration.yaml
+++ b/.github/workflows/integration.yaml
@@ -45,6 +45,22 @@ jobs:
           name: k8s.snap
           path: k8s.snap
 
+  test-branches:
+    name: Test Branch Management
+    runs-on: ubuntu-20.04
+    steps:
+      - name: Check out code
+        uses: actions/checkout@v4
+      - name: Setup Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: '3.8'
+      - name: Install tox
+        run: pip install tox
+      - name: Run branch_management tests
+        run: |
+          tox -c tests/branch_management -e integration
+
   test-integration:
     name: Test ${{ matrix.os }}
     strategy:
diff --git a/tests/branch_management/.copyright.tmpl b/tests/branch_management/.copyright.tmpl
new file mode 100644
index 000000000..ecbed6c7a
--- /dev/null
+++ b/tests/branch_management/.copyright.tmpl
@@ -0,0 +1 @@
+Copyright ${years} ${owner}.
diff --git a/tests/branch_management/requirements-dev.txt b/tests/branch_management/requirements-dev.txt
new file mode 100644
index 000000000..a66721ae0
--- /dev/null
+++ b/tests/branch_management/requirements-dev.txt
@@ -0,0 +1,5 @@
+black==24.3.0
+codespell==2.2.4
+flake8==6.0.0
+isort==5.12.0
+licenseheaders==0.8.8
diff --git a/tests/branch_management/requirements-test.txt b/tests/branch_management/requirements-test.txt
new file mode 100644
index 000000000..b702086cc
--- /dev/null
+++ b/tests/branch_management/requirements-test.txt
@@ -0,0 +1,7 @@
+coverage[toml]==7.2.5
+pytest==7.3.1
+PyYAML==6.0.1
+tenacity==8.2.3
+pylint==3.2.5
+requests==2.32.3
+semver==3.0.2
\ No newline at end of file
diff --git a/tests/branch_management/tests/conftest.py b/tests/branch_management/tests/conftest.py
new file mode 100644
index 000000000..f745828fb
--- /dev/null
+++ b/tests/branch_management/tests/conftest.py
@@ -0,0 +1,27 @@
+#
+# Copyright 2024 Canonical, Ltd.
+#
+from pathlib import Path
+
+import pytest
+import requests
+import semver
+
+
+@pytest.fixture
+def upstream_release() -> semver.VersionInfo:
+    """Return the latest stable k8s in the release series"""
+    release_url = "https://dl.k8s.io/release/stable.txt"
+    r = requests.get(release_url)
+    r.raise_for_status()
+    return semver.Version.parse(r.content.decode().lstrip("v"))
+
+
+@pytest.fixture
+def current_release() -> semver.VersionInfo:
+    """Return the current branch k8s version"""
+    ver_file = (
+        Path(__file__).parent / "../../../build-scripts/components/kubernetes/version"
+    )
+    version = ver_file.read_text().strip()
+    return semver.Version.parse(version.lstrip("v"))
diff --git a/tests/branch_management/tests/test_branches.py b/tests/branch_management/tests/test_branches.py
new file mode 100644
index 000000000..426fde599
--- /dev/null
+++ b/tests/branch_management/tests/test_branches.py
@@ -0,0 +1,93 @@
+#
+# Copyright 2024 Canonical, Ltd.
+#
+from pathlib import Path
+from subprocess import check_output
+
+import requests
+
+
+def _get_max_minor(major):
+    """Get the latest minor release of the provided major.
+    For example if you use 1 as major you will get back X where X gives you latest 1.X release.
+    """
+    minor = 0
+    while _upstream_release_exists(major, minor):
+        minor += 1
+    return minor - 1
+
+
+def _upstream_release_exists(major, minor):
+    """Return true if the major.minor release exists"""
+    release_url = "https://dl.k8s.io/release/stable-{}.{}.txt".format(major, minor)
+    r = requests.get(release_url)
+    return r.status_code == 200
+
+
+def _confirm_branch_exists(branch):
+    cmd = f"git ls-remote --heads https://github.com/canonical/k8s-snap.git/ {branch}"
+    output = check_output(cmd.split()).decode("utf-8")
+    assert branch in output, f"Branch {branch} does not exist"
+
+
+def _branch_flavours(branch: str = None):
+    patch_dir = Path("build-scripts/patches")
+    branch = "HEAD" if branch is None else branch
+    cmd = f"git ls-tree --full-tree -r --name-only {branch} {patch_dir}"
+    output = check_output(cmd.split()).decode("utf-8")
+    patches = set(
+        Path(f).relative_to(patch_dir).parents[0] for f in output.splitlines()
+    )
+    return [p.name for p in patches]
+
+
+def _confirm_recipe(track, flavour):
+    recipe = f"https://launchpad.net/~containers/k8s/+snap/k8s-snap-{track}-{flavour}"
+    r = requests.get(recipe)
+    return r.status_code == 200
+
+
+def test_branches(upstream_release):
+    """Ensures git branches exist for prior releases.
+
+    We need to make sure the LP builders pointing to the main github branch are only pushing
+    to the latest and current k8s edge snap tracks. An indication that this is not enforced is
+    that we do not have a branch for the k8s release for the previous stable release. Let me
+    clarify with an example.
+
+    Assuming upstream stable k8s release is v1.12.x, there has to be a 1.11 github branch used
+    by the respective LP builders for building the v1.11.y.
+    """
+    if upstream_release.minor != 0:
+        major = upstream_release.major
+        minor = upstream_release.minor - 1
+    else:
+        major = int(upstream_release.major) - 1
+        minor = _get_max_minor(major)
+
+    prior_branch = f"release-{major}.{minor}"
+    print(f"Current stable is {upstream_release}")
+    print(f"Checking {prior_branch} branch exists")
+    _confirm_branch_exists(prior_branch)
+    flavours = _branch_flavours(prior_branch)
+    for flavour in flavours:
+        prior_branch = f"autoupdate/{prior_branch}-{flavour}"
+        print(f"Checking {prior_branch} branch exists")
+        _confirm_branch_exists(prior_branch)
+
+
+def test_launchpad_recipe(current_release):
+    """Ensures the current recipes are available.
+
+    We should ensure that a launchpad recipe exists for this release to be build with
+    """
+    track = f"{current_release.major}.{current_release.minor}"
+    print(f"Checking {track} recipe exists")
+    flavours = ["classic"] + _branch_flavours()
+    recipe_exists = {flavour: _confirm_recipe(track, flavour) for flavour in flavours}
+    if missing_recipes := [
+        flavour for flavour, exists in recipe_exists.items() if not exists
+    ]:
+        assert (
+            not missing_recipes
+        ), f"LP Recipes do not exist for {track} {missing_recipes}"
diff --git a/tests/branch_management/tox.ini b/tests/branch_management/tox.ini
new file mode 100644
index 000000000..371ad51e4
--- /dev/null
+++ b/tests/branch_management/tox.ini
@@ -0,0 +1,52 @@
+[tox]
+no_package = True
+skip_missing_interpreters = True
+env_list = format, lint, integration
+min_version = 4.0.0
+
+[testenv]
+set_env =
+    PYTHONBREAKPOINT=pdb.set_trace
+    PY_COLORS=1
+pass_env =
+    PYTHONPATH
+
+[testenv:format]
+description = Apply coding style standards to code
+deps = -r {tox_root}/requirements-dev.txt
+commands =
+    licenseheaders -t {tox_root}/.copyright.tmpl -cy -o 'Canonical, Ltd' -d {tox_root}/tests
+    isort {tox_root}/tests --profile=black
+    black {tox_root}/tests
+
+[testenv:lint]
+description = Check code against coding style standards
+deps = -r {tox_root}/requirements-dev.txt
+commands =
+    codespell {tox_root}/tests
+    flake8 {tox_root}/tests
+    licenseheaders -t {tox_root}/.copyright.tmpl -cy -o 'Canonical, Ltd' -d {tox_root}/tests --dry
+    isort {tox_root}/tests --profile=black --check
+    black {tox_root}/tests --check --diff
+
+[testenv:test]
+description = Run integration tests
+deps =
+    -r {tox_root}/requirements-test.txt
+commands =
+    pytest -v \
+        --maxfail 1 \
+        --tb native \
+        --log-cli-level DEBUG \
+        --disable-warnings \
+        {posargs} \
+        {tox_root}/tests
+pass_env =
+    TEST_*
+
+[flake8]
+max-line-length = 120
+select = E,W,F,C,N
+ignore = W503
+exclude = venv,.git,.tox,.tox_env,.venv,build,dist,*.egg_info
+show-source = true

From 1838222c126ccc3f20320ede7b18e36cd30d3307 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Fri, 13 Sep 2024 11:02:12 -0500
Subject: [PATCH 33/45] [main] Update component versions (#660)

Co-authored-by: neoaggelos <1888650+neoaggelos@users.noreply.github.com>
---
 build-scripts/components/containerd/version | 2 +-
 build-scripts/components/runc/version       | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/build-scripts/components/containerd/version b/build-scripts/components/containerd/version
index a2ead008e..201df8aec 100644
--- a/build-scripts/components/containerd/version
+++ b/build-scripts/components/containerd/version
@@ -1 +1 @@
-v1.6.35
+v1.6.36
diff --git a/build-scripts/components/runc/version b/build-scripts/components/runc/version
index a829bcbe4..6a99dbb7f 100644
--- a/build-scripts/components/runc/version
+++ b/build-scripts/components/runc/version
@@ -1 +1 @@
-v1.1.13
+v1.1.14

From 0c30c02584702ad69fa6345774252a3366e265b3 Mon Sep 17 00:00:00 2001
From: Adam Dyess <adam.dyess@canonical.com>
Date: Fri, 13 Sep 2024 18:35:25 -0500
Subject: [PATCH 34/45] Auto-update components in release-1.31 branch (#668)

---
 .github/workflows/update-components.yaml | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.github/workflows/update-components.yaml b/.github/workflows/update-components.yaml
index e46bd55df..7f9e43745 100644
--- a/.github/workflows/update-components.yaml
+++ b/.github/workflows/update-components.yaml
@@ -21,6 +21,7 @@ jobs:
           # Keep main branch up to date
           - main
           # Supported stable release branches
+          - release-1.31
           - release-1.30
 
     steps:

From 44aa199b8998a788af5ba296e974a267d2369234 Mon Sep 17 00:00:00 2001
From: Kevin W Monroe <kevin.monroe@canonical.com>
Date: Sat, 14 Sep 2024 10:27:40 -0500
Subject: [PATCH 35/45] use lxd 5.21/stable snap (#670)

---
 .github/workflows/nightly-test.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/nightly-test.yaml b/.github/workflows/nightly-test.yaml
index 915d6c3f3..cd661474f 100644
--- a/.github/workflows/nightly-test.yaml
+++ b/.github/workflows/nightly-test.yaml
@@ -31,7 +31,7 @@ jobs:
           pip3 install tox==4.13
       - name: Install lxd
         run: |
-          sudo snap refresh lxd --channel 5.19/stable
+          sudo snap refresh lxd --channel 5.21/stable
           sudo lxd init --auto
           sudo usermod --append --groups lxd $USER
           sg lxd -c 'lxc version'

From cf1daad482798b1774be07dc1dfae7243215613d Mon Sep 17 00:00:00 2001
From: Homayoon Alimohammadi <homayoon.alimohammadi@canonical.com>
Date: Mon, 16 Sep 2024 13:31:22 +0400
Subject: [PATCH 36/45] Add unit tests for local storage (#665)

---
 src/k8s/pkg/k8sd/features/localpv/chart.go    |   8 +-
 src/k8s/pkg/k8sd/features/localpv/localpv.go  |  14 +-
 .../pkg/k8sd/features/localpv/localpv_test.go | 155 ++++++++++++++++++
 src/k8s/pkg/k8sd/features/localpv/register.go |   2 +-
 4 files changed, 167 insertions(+), 12 deletions(-)
 create mode 100644 src/k8s/pkg/k8sd/features/localpv/localpv_test.go

diff --git a/src/k8s/pkg/k8sd/features/localpv/chart.go b/src/k8s/pkg/k8sd/features/localpv/chart.go
index 5a655fc57..8dd2248af 100644
--- a/src/k8s/pkg/k8sd/features/localpv/chart.go
+++ b/src/k8s/pkg/k8sd/features/localpv/chart.go
@@ -7,8 +7,8 @@ import (
 )
 
 var (
-	// chart represents manifests to deploy Rawfile LocalPV CSI.
-	chart = helm.InstallableChart{
+	// Chart represents manifests to deploy Rawfile LocalPV CSI.
+	Chart = helm.InstallableChart{
 		Name:         "ck-storage",
 		Namespace:    "kube-system",
 		ManifestPath: filepath.Join("charts", "rawfile-csi-0.9.0.tgz"),
@@ -16,8 +16,8 @@ var (
 
 	// imageRepo is the repository to use for Rawfile LocalPV CSI.
 	imageRepo = "ghcr.io/canonical/rawfile-localpv"
-	// imageTag is the image tag to use for Rawfile LocalPV CSI.
-	imageTag = "0.8.0-ck4"
+	// ImageTag is the image tag to use for Rawfile LocalPV CSI.
+	ImageTag = "0.8.0-ck4"
 
 	// csiNodeDriverImage is the image to use for the CSI node driver.
 	csiNodeDriverImage = "ghcr.io/canonical/k8s-snap/sig-storage/csi-node-driver-registrar:v2.10.1"
diff --git a/src/k8s/pkg/k8sd/features/localpv/localpv.go b/src/k8s/pkg/k8sd/features/localpv/localpv.go
index bd812b443..8555ff088 100644
--- a/src/k8s/pkg/k8sd/features/localpv/localpv.go
+++ b/src/k8s/pkg/k8sd/features/localpv/localpv.go
@@ -38,13 +38,13 @@ func ApplyLocalStorage(ctx context.Context, snap snap.Snap, cfg types.LocalStora
 			"csiDriverArgs": []string{"--args", "rawfile", "csi-driver", "--disable-metrics"},
 			"image": map[string]any{
 				"repository": imageRepo,
-				"tag":        imageTag,
+				"tag":        ImageTag,
 			},
 		},
 		"node": map[string]any{
 			"image": map[string]any{
 				"repository": imageRepo,
-				"tag":        imageTag,
+				"tag":        ImageTag,
 			},
 			"storage": map[string]any{
 				"path": cfg.GetLocalPath(),
@@ -58,19 +58,19 @@ func ApplyLocalStorage(ctx context.Context, snap snap.Snap, cfg types.LocalStora
 		},
 	}
 
-	if _, err := m.Apply(ctx, chart, helm.StatePresentOrDeleted(cfg.GetEnabled()), values); err != nil {
+	if _, err := m.Apply(ctx, Chart, helm.StatePresentOrDeleted(cfg.GetEnabled()), values); err != nil {
 		if cfg.GetEnabled() {
 			err = fmt.Errorf("failed to install rawfile-csi helm package: %w", err)
 			return types.FeatureStatus{
 				Enabled: false,
-				Version: imageTag,
+				Version: ImageTag,
 				Message: fmt.Sprintf(deployFailedMsgTmpl, err),
 			}, err
 		} else {
 			err = fmt.Errorf("failed to delete rawfile-csi helm package: %w", err)
 			return types.FeatureStatus{
 				Enabled: false,
-				Version: imageTag,
+				Version: ImageTag,
 				Message: fmt.Sprintf(deleteFailedMsgTmpl, err),
 			}, err
 		}
@@ -79,13 +79,13 @@ func ApplyLocalStorage(ctx context.Context, snap snap.Snap, cfg types.LocalStora
 	if cfg.GetEnabled() {
 		return types.FeatureStatus{
 			Enabled: true,
-			Version: imageTag,
+			Version: ImageTag,
 			Message: fmt.Sprintf(enabledMsg, cfg.GetLocalPath()),
 		}, nil
 	} else {
 		return types.FeatureStatus{
 			Enabled: false,
-			Version: imageTag,
+			Version: ImageTag,
 			Message: disabledMsg,
 		}, nil
 	}
diff --git a/src/k8s/pkg/k8sd/features/localpv/localpv_test.go b/src/k8s/pkg/k8sd/features/localpv/localpv_test.go
new file mode 100644
index 000000000..783422cbd
--- /dev/null
+++ b/src/k8s/pkg/k8sd/features/localpv/localpv_test.go
@@ -0,0 +1,155 @@
+package localpv_test
+
+import (
+	"context"
+	"errors"
+	"testing"
+
+	. "github.com/onsi/gomega"
+	"k8s.io/utils/ptr"
+
+	"github.com/canonical/k8s/pkg/client/helm"
+	helmmock "github.com/canonical/k8s/pkg/client/helm/mock"
+	"github.com/canonical/k8s/pkg/k8sd/features/localpv"
+	"github.com/canonical/k8s/pkg/k8sd/types"
+	snapmock "github.com/canonical/k8s/pkg/snap/mock"
+)
+
+func TestDisabled(t *testing.T) {
+	t.Run("HelmApplyFails", func(t *testing.T) {
+		g := NewWithT(t)
+
+		applyErr := errors.New("failed to apply")
+		helmM := &helmmock.Mock{
+			ApplyErr: applyErr,
+		}
+		snapM := &snapmock.Snap{
+			Mock: snapmock.Mock{
+				HelmClient: helmM,
+			},
+		}
+		cfg := types.LocalStorage{
+			Enabled:       ptr.To(false),
+			Default:       ptr.To(true),
+			ReclaimPolicy: ptr.To("reclaim-policy"),
+			LocalPath:     ptr.To("local-path"),
+		}
+
+		status, err := localpv.ApplyLocalStorage(context.Background(), snapM, cfg, nil)
+
+		g.Expect(err).To(MatchError(applyErr))
+		g.Expect(status.Enabled).To(BeFalse())
+		g.Expect(status.Message).To(ContainSubstring(applyErr.Error()))
+		g.Expect(status.Version).To(Equal(localpv.ImageTag))
+		g.Expect(helmM.ApplyCalledWith).To(HaveLen(1))
+
+		callArgs := helmM.ApplyCalledWith[0]
+		g.Expect(callArgs.Chart).To(Equal(localpv.Chart))
+		g.Expect(callArgs.State).To(Equal(helm.StateDeleted))
+
+		validateValues(g, callArgs.Values, cfg)
+	})
+	t.Run("Success", func(t *testing.T) {
+		g := NewWithT(t)
+
+		helmM := &helmmock.Mock{}
+		snapM := &snapmock.Snap{
+			Mock: snapmock.Mock{
+				HelmClient: helmM,
+			},
+		}
+		cfg := types.LocalStorage{
+			Enabled:       ptr.To(false),
+			Default:       ptr.To(true),
+			ReclaimPolicy: ptr.To("reclaim-policy"),
+			LocalPath:     ptr.To("local-path"),
+		}
+
+		status, err := localpv.ApplyLocalStorage(context.Background(), snapM, cfg, nil)
+
+		g.Expect(err).ToNot(HaveOccurred())
+		g.Expect(status.Enabled).To(BeFalse())
+		g.Expect(status.Version).To(Equal(localpv.ImageTag))
+		g.Expect(helmM.ApplyCalledWith).To(HaveLen(1))
+
+		callArgs := helmM.ApplyCalledWith[0]
+		g.Expect(callArgs.Chart).To(Equal(localpv.Chart))
+		g.Expect(callArgs.State).To(Equal(helm.StateDeleted))
+
+		validateValues(g, callArgs.Values, cfg)
+	})
+}
+
+func TestEnabled(t *testing.T) {
+	t.Run("HelmApplyFails", func(t *testing.T) {
+		g := NewWithT(t)
+
+		applyErr := errors.New("failed to apply")
+		helmM := &helmmock.Mock{
+			ApplyErr: applyErr,
+		}
+		snapM := &snapmock.Snap{
+			Mock: snapmock.Mock{
+				HelmClient: helmM,
+			},
+		}
+		cfg := types.LocalStorage{
+			Enabled:       ptr.To(true),
+			Default:       ptr.To(true),
+			ReclaimPolicy: ptr.To("reclaim-policy"),
+			LocalPath:     ptr.To("local-path"),
+		}
+
+		status, err := localpv.ApplyLocalStorage(context.Background(), snapM, cfg, nil)
+
+		g.Expect(err).To(MatchError(applyErr))
+		g.Expect(status.Enabled).To(BeFalse())
+		g.Expect(status.Message).To(ContainSubstring(applyErr.Error()))
+		g.Expect(status.Version).To(Equal(localpv.ImageTag))
+		g.Expect(helmM.ApplyCalledWith).To(HaveLen(1))
+
+		callArgs := helmM.ApplyCalledWith[0]
+		g.Expect(callArgs.Chart).To(Equal(localpv.Chart))
+		g.Expect(callArgs.State).To(Equal(helm.StatePresent))
+
+		validateValues(g, callArgs.Values, cfg)
+	})
+	t.Run("Success", func(t *testing.T) {
+		g := NewWithT(t)
+
+		helmM := &helmmock.Mock{}
+		snapM := &snapmock.Snap{
+			Mock: snapmock.Mock{
+				HelmClient: helmM,
+			},
+		}
+		cfg := types.LocalStorage{
+			Enabled:       ptr.To(true),
+			Default:       ptr.To(true),
+			ReclaimPolicy: ptr.To("reclaim-policy"),
+			LocalPath:     ptr.To("local-path"),
+		}
+
+		status, err := localpv.ApplyLocalStorage(context.Background(), snapM, cfg, nil)
+
+		g.Expect(err).ToNot(HaveOccurred())
+		g.Expect(status.Enabled).To(BeTrue())
+		g.Expect(status.Version).To(Equal(localpv.ImageTag))
+		g.Expect(helmM.ApplyCalledWith).To(HaveLen(1))
+
+		callArgs := helmM.ApplyCalledWith[0]
+		g.Expect(callArgs.Chart).To(Equal(localpv.Chart))
+		g.Expect(callArgs.State).To(Equal(helm.StatePresent))
+
+		validateValues(g, callArgs.Values, cfg)
+	})
+}
+
+func validateValues(g Gomega, values map[string]any, cfg types.LocalStorage) {
+	sc := values["storageClass"].(map[string]any)
+	g.Expect(sc["isDefault"]).To(Equal(cfg.GetDefault()))
+	g.Expect(sc["reclaimPolicy"]).To(Equal(cfg.GetReclaimPolicy()))
+
+	storage := values["node"].(map[string]any)["storage"].(map[string]any)
+	g.Expect(storage["path"]).To(Equal(cfg.GetLocalPath()))
+}
diff --git a/src/k8s/pkg/k8sd/features/localpv/register.go b/src/k8s/pkg/k8sd/features/localpv/register.go
index b9f5f644b..084f6a40b 100644
--- a/src/k8s/pkg/k8sd/features/localpv/register.go
+++ b/src/k8s/pkg/k8sd/features/localpv/register.go
@@ -9,7 +9,7 @@ import (
 func init() {
 	images.Register(
 		// Rawfile LocalPV CSI driver images
-		fmt.Sprintf("%s:%s", imageRepo, imageTag),
+		fmt.Sprintf("%s:%s", imageRepo, ImageTag),
 		// CSI images
 		csiNodeDriverImage,
 		csiProvisionerImage,

From 5d689100b2db6440e072e8d98327d5810ce7de5d Mon Sep 17 00:00:00 2001
From: Lucian Petrut <lpetrut@cloudbasesolutions.com>
Date: Mon, 16 Sep 2024 13:56:30 +0300
Subject: [PATCH 37/45] k8sd cluster-recover: add non-interactive mode (#662)

At the moment, the "k8sd cluster-recover" displays interactive
prompts and text editors that assist the user in updating the dqlite
configuration.

We need to be able to run the command non-interactively in order
to automate the cluster recovery procedure.

This change adds a "--non-interactive" flag. If set, we'll no longer
show confirmation prompts and we'll assume that the configuration
files have already been updated, proceeding with the dqlite recovery.
---
 docs/src/snap/howto/restore-quorum.md    |  74 +++++---
 src/k8s/cmd/k8sd/k8sd_cluster_recover.go | 232 +++++++++++++----------
 2 files changed, 183 insertions(+), 123 deletions(-)

diff --git a/docs/src/snap/howto/restore-quorum.md b/docs/src/snap/howto/restore-quorum.md
index aeb15b721..99a8c4e8b 100755
--- a/docs/src/snap/howto/restore-quorum.md
+++ b/docs/src/snap/howto/restore-quorum.md
@@ -1,9 +1,9 @@
 # Recovering a Cluster After Quorum Loss
 
 Highly available {{product}} clusters can survive losing one or more
-nodes. [Dqlite], the default datastore, implements a [Raft] based protocol where
-an elected leader holds the definitive copy of the database, which is then
-replicated on two or more secondary nodes.
+nodes. [Dqlite], the default datastore, implements a [Raft] based protocol
+where an elected leader holds the definitive copy of the database, which is
+then replicated on two or more secondary nodes.
 
 When the a majority of the nodes are lost, the cluster becomes unavailable.
 If at least one database node survived, the cluster can be recovered using the
@@ -64,8 +64,8 @@ sudo snap stop k8s
 
 ## Recover the Database
 
-Choose one of the remaining alive cluster nodes that has the most recent version
-of the Raft log.
+Choose one of the remaining alive cluster nodes that has the most recent
+version of the Raft log.
 
 Update the ``cluster.yaml`` files, changing the role of the lost nodes to
 "spare" (2). Additionally, double check the addresses and IDs specified in
@@ -73,7 +73,8 @@ Update the ``cluster.yaml`` files, changing the role of the lost nodes to
 files were moved across nodes.
 
 The following command guides us through the recovery process, prompting a text
-editor with informative inline comments for each of the dqlite configuration files.
+editor with informative inline comments for each of the dqlite configuration
+files.
 
 ```
 sudo /snap/k8s/current/bin/k8sd cluster-recover \
@@ -82,29 +83,40 @@ sudo /snap/k8s/current/bin/k8sd cluster-recover \
     --log-level 0
 ```
 
-Please adjust the log level for additional debug messages by increasing its value.
-The command creates database backups before making any changes.
+Please adjust the log level for additional debug messages by increasing its
+value. The command creates database backups before making any changes.
 
-The above command will reconfigure the Raft members and create recovery tarballs
-that are used to restore the lost nodes, once the Dqlite configuration is updated.
+The above command will reconfigure the Raft members and create recovery
+tarballs that are used to restore the lost nodes, once the Dqlite
+configuration is updated.
 
 ```{note}
-By default, the command will recover both Dqlite databases. If one of the databases
-needs to be skipped, use the ``--skip-k8sd`` or ``--skip-k8s-dqlite`` flags.
-This can be useful when using an external Etcd database.
+By default, the command will recover both Dqlite databases. If one of the
+databases needs to be skipped, use the ``--skip-k8sd`` or ``--skip-k8s-dqlite``
+flags. This can be useful when using an external Etcd database.
 ```
 
-Once the "cluster-recover" command completes, restart the k8s services on the node:
+```{note}
+Non-interactive mode can be requested using the ``--non-interactive`` flag.
+In this case, no interactive prompts or text editors will be displayed and
+the command will assume that the configuration files have already been updated.
+
+This allows automating the recovery procedure.
+```
+
+Once the "cluster-recover" command completes, restart the k8s services on the
+node:
 
 ```
 sudo snap start k8s
 ```
 
-Ensure that the services started successfully by using ``sudo snap services k8s``.
-Use ``k8s status --wait-ready`` to wait for the cluster to become ready.
+Ensure that the services started successfully by using
+``sudo snap services k8s``. Use ``k8s status --wait-ready`` to wait for the
+cluster to become ready.
 
-You may notice that we have not returned to an HA cluster yet: ``high availability: no``.
-This is expected as we need to recover
+You may notice that we have not returned to an HA cluster yet:
+``high availability: no``. This is expected as we need to recover
 
 ## Recover the remaining nodes
 
@@ -113,28 +125,34 @@ nodes.
 
 For k8sd, copy ``recovery_db.tar.gz`` to
 ``/var/snap/k8s/common/var/lib/k8sd/state/recovery_db.tar.gz``. When the k8sd
-service starts, it will load the archive and perform the necessary recovery steps.
+service starts, it will load the archive and perform the necessary recovery
+steps.
 
 The k8s-dqlite archive needs to be extracted manually. First, create a backup
 of the current k8s-dqlite state directory:
 
 ```
-sudo mv /var/snap/k8s/common/var/lib/k8s-dqlite /var/snap/k8s/common/var/lib/k8s-dqlite.bkp
+sudo mv /var/snap/k8s/common/var/lib/k8s-dqlite \
+  /var/snap/k8s/common/var/lib/k8s-dqlite.bkp
 ```
 
 Then, extract the backup archive:
 
 ```
 sudo mkdir /var/snap/k8s/common/var/lib/k8s-dqlite
-sudo tar xf  recovery-k8s-dqlite-$timestamp-post-recovery.tar.gz -C /var/snap/k8s/common/var/lib/k8s-dqlite
+sudo tar xf  recovery-k8s-dqlite-$timestamp-post-recovery.tar.gz \
+  -C /var/snap/k8s/common/var/lib/k8s-dqlite
 ```
 
 Node specific files need to be copied back to the k8s-dqlite state dir:
 
 ```
-sudo cp /var/snap/k8s/common/var/lib/k8s-dqlite.bkp/cluster.crt /var/snap/k8s/common/var/lib/k8s-dqlite
-sudo cp /var/snap/k8s/common/var/lib/k8s-dqlite.bkp/cluster.key /var/snap/k8s/common/var/lib/k8s-dqlite
-sudo cp /var/snap/k8s/common/var/lib/k8s-dqlite.bkp/info.yaml /var/snap/k8s/common/var/lib/k8s-dqlite
+sudo cp /var/snap/k8s/common/var/lib/k8s-dqlite.bkp/cluster.crt \
+  /var/snap/k8s/common/var/lib/k8s-dqlite
+sudo cp /var/snap/k8s/common/var/lib/k8s-dqlite.bkp/cluster.key \
+  /var/snap/k8s/common/var/lib/k8s-dqlite
+sudo cp /var/snap/k8s/common/var/lib/k8s-dqlite.bkp/info.yaml \
+  /var/snap/k8s/common/var/lib/k8s-dqlite
 ```
 
 Once these steps are completed, restart the k8s services:
@@ -143,13 +161,15 @@ Once these steps are completed, restart the k8s services:
 sudo snap start k8s
 ```
 
-Repeat these steps for all remaining nodes. Once a quorum is achieved, the cluster
-will be reported as "highly available":
+Repeat these steps for all remaining nodes. Once a quorum is achieved,
+the cluster will be reported as "highly available":
 
 ```
 $ sudo k8s status
 cluster status:           ready
-control plane nodes:      10.80.130.168:6400 (voter), 10.80.130.167:6400 (voter), 10.80.130.164:6400 (voter)
+control plane nodes:      10.80.130.168:6400 (voter),
+                          10.80.130.167:6400 (voter),
+                          10.80.130.164:6400 (voter)
 high availability:        yes
 datastore:                k8s-dqlite
 network:                  enabled
diff --git a/src/k8s/cmd/k8sd/k8sd_cluster_recover.go b/src/k8s/cmd/k8sd/k8sd_cluster_recover.go
index 766acc49f..204dbbabd 100755
--- a/src/k8s/cmd/k8sd/k8sd_cluster_recover.go
+++ b/src/k8s/cmd/k8sd/k8sd_cluster_recover.go
@@ -28,7 +28,7 @@ import (
 	"github.com/canonical/k8s/pkg/utils"
 )
 
-const recoveryConfirmation = `You should only run this command if:
+const preRecoveryMessage = `You should only run this command if:
  - A quorum of cluster members is permanently lost
  - You are *absolutely* sure all k8s daemons are stopped (sudo snap stop k8s)
  - This instance has the most up to date database
@@ -36,8 +36,17 @@ const recoveryConfirmation = `You should only run this command if:
 Note that before applying any changes, a database backup is created at:
 * k8sd (microcluster): /var/snap/k8s/common/var/lib/k8sd/state/db_backup.<timestamp>.tar.gz
 * k8s-dqlite: /var/snap/k8s/common/recovery-k8s-dqlite-<timestamp>-pre-recovery.tar.gz
+`
+
+const recoveryConfirmation = "Do you want to proceed? (yes/no): "
+
+const nonInteractiveMessage = `Non-interactive mode requested.
 
-Do you want to proceed? (yes/no): `
+The command will assume that the dqlite configuration files have already been
+modified with the updated cluster member roles and addresses.
+
+Initiating the dqlite database recovery.
+`
 
 const clusterK8sdYamlRecoveryComment = `# Member roles can be modified. Unrecoverable nodes should be given the role "spare".
 #
@@ -75,6 +84,7 @@ const yamlHelperCommentFooter = "# ------- everything below will be written ----
 
 var clusterRecoverOpts struct {
 	K8sDqliteStateDir string
+	NonInteractive    bool
 	SkipK8sd          bool
 	SkipK8sDqlite     bool
 }
@@ -145,6 +155,8 @@ func newClusterRecoverCmd() *cobra.Command {
 
 	cmd.Flags().StringVar(&clusterRecoverOpts.K8sDqliteStateDir, "k8s-dqlite-state-dir",
 		"", "k8s-dqlite datastore location")
+	cmd.Flags().BoolVar(&clusterRecoverOpts.NonInteractive, "non-interactive",
+		false, "disable interactive prompts, assume that the configs have been updated")
 	cmd.Flags().BoolVar(&clusterRecoverOpts.SkipK8sd, "skip-k8sd",
 		false, "skip k8sd recovery")
 	cmd.Flags().BoolVar(&clusterRecoverOpts.SkipK8sDqlite, "skip-k8s-dqlite",
@@ -171,8 +183,8 @@ func recoveryCmdPrechecks(ctx context.Context) error {
 
 	log.V(1).Info("Running prechecks.")
 
-	if !termios.IsTerminal(unix.Stdin) {
-		return fmt.Errorf("this command is meant to be run in an interactive terminal")
+	if !termios.IsTerminal(unix.Stdin) && !clusterRecoverOpts.NonInteractive {
+		return fmt.Errorf("interactive mode requested in a non-interactive terminal")
 	}
 
 	if clusterRecoverOpts.K8sDqliteStateDir == "" {
@@ -182,21 +194,31 @@ func recoveryCmdPrechecks(ctx context.Context) error {
 		return fmt.Errorf("k8sd state dir not specified")
 	}
 
-	reader := bufio.NewReader(os.Stdin)
-	fmt.Print(recoveryConfirmation)
+	fmt.Print(preRecoveryMessage)
+	fmt.Print("\n")
 
-	input, err := reader.ReadString('\n')
-	if err != nil {
-		return fmt.Errorf("couldn't read user input, error: %w", err)
-	}
-	input = strings.TrimSuffix(input, "\n")
+	if clusterRecoverOpts.NonInteractive {
+		fmt.Print(nonInteractiveMessage)
+		fmt.Print("\n")
+	} else {
+		reader := bufio.NewReader(os.Stdin)
+		fmt.Print(recoveryConfirmation)
+
+		input, err := reader.ReadString('\n')
+		if err != nil {
+			return fmt.Errorf("couldn't read user input, error: %w", err)
+		}
+		input = strings.TrimSuffix(input, "\n")
 
-	if strings.ToLower(input) != "yes" {
-		return fmt.Errorf("cluster edit aborted; no changes made")
+		if strings.ToLower(input) != "yes" {
+			return fmt.Errorf("cluster edit aborted; no changes made")
+		}
+
+		fmt.Print("\n")
 	}
 
 	if !clusterRecoverOpts.SkipK8sDqlite {
-		if err = ensureK8sDqliteMembersStopped(ctx); err != nil {
+		if err := ensureK8sDqliteMembersStopped(ctx); err != nil {
 			return err
 		}
 	}
@@ -376,59 +398,64 @@ func recoverK8sd() (string, error) {
 	clusterYamlPath := path.Join(m.FileSystem.DatabaseDir, "cluster.yaml")
 	clusterYamlCommentHeader := fmt.Sprintf("# K8sd cluster configuration\n# (based on the trust store and %s)\n", clusterYamlPath)
 
-	clusterYamlContent, err := yamlEditorGuide(
-		"",
-		false,
-		slices.Concat(
-			[]byte(clusterYamlCommentHeader),
-			[]byte("#\n"),
-			[]byte(clusterK8sdYamlRecoveryComment),
-			[]byte(yamlHelperCommentFooter),
-			[]byte("\n"),
-			oldMembersYaml,
-		),
-		false,
-	)
-	if err != nil {
-		return "", fmt.Errorf("interactive text editor failed, error: %w", err)
-	}
+	clusterYamlContent := oldMembersYaml
+	if !clusterRecoverOpts.NonInteractive {
+		// Interactive mode requested (default).
+		// Assist the user in configuring dqlite.
+		clusterYamlContent, err = yamlEditorGuide(
+			"",
+			false,
+			slices.Concat(
+				[]byte(clusterYamlCommentHeader),
+				[]byte("#\n"),
+				[]byte(clusterK8sdYamlRecoveryComment),
+				[]byte(yamlHelperCommentFooter),
+				[]byte("\n"),
+				oldMembersYaml,
+			),
+			false,
+		)
+		if err != nil {
+			return "", fmt.Errorf("interactive text editor failed, error: %w", err)
+		}
 
-	infoYamlPath := path.Join(m.FileSystem.DatabaseDir, "info.yaml")
-	infoYamlCommentHeader := fmt.Sprintf("# K8sd info.yaml\n# (%s)\n", infoYamlPath)
-	_, err = yamlEditorGuide(
-		infoYamlPath,
-		true,
-		slices.Concat(
-			[]byte(infoYamlCommentHeader),
-			[]byte("#\n"),
-			[]byte(infoYamlRecoveryComment),
-			utils.YamlCommentLines(clusterYamlContent),
-			[]byte("\n"),
-			[]byte(yamlHelperCommentFooter),
-		),
-		true,
-	)
-	if err != nil {
-		return "", fmt.Errorf("interactive text editor failed, error: %w", err)
-	}
+		infoYamlPath := path.Join(m.FileSystem.DatabaseDir, "info.yaml")
+		infoYamlCommentHeader := fmt.Sprintf("# K8sd info.yaml\n# (%s)\n", infoYamlPath)
+		_, err = yamlEditorGuide(
+			infoYamlPath,
+			true,
+			slices.Concat(
+				[]byte(infoYamlCommentHeader),
+				[]byte("#\n"),
+				[]byte(infoYamlRecoveryComment),
+				utils.YamlCommentLines(clusterYamlContent),
+				[]byte("\n"),
+				[]byte(yamlHelperCommentFooter),
+			),
+			true,
+		)
+		if err != nil {
+			return "", fmt.Errorf("interactive text editor failed, error: %w", err)
+		}
 
-	daemonYamlPath := path.Join(m.FileSystem.StateDir, "daemon.yaml")
-	daemonYamlCommentHeader := fmt.Sprintf("# K8sd daemon.yaml\n# (%s)\n", daemonYamlPath)
-	_, err = yamlEditorGuide(
-		daemonYamlPath,
-		true,
-		slices.Concat(
-			[]byte(daemonYamlCommentHeader),
-			[]byte("#\n"),
-			[]byte(daemonYamlRecoveryComment),
-			utils.YamlCommentLines(clusterYamlContent),
-			[]byte("\n"),
-			[]byte(yamlHelperCommentFooter),
-		),
-		true,
-	)
-	if err != nil {
-		return "", fmt.Errorf("interactive text editor failed, error: %w", err)
+		daemonYamlPath := path.Join(m.FileSystem.StateDir, "daemon.yaml")
+		daemonYamlCommentHeader := fmt.Sprintf("# K8sd daemon.yaml\n# (%s)\n", daemonYamlPath)
+		_, err = yamlEditorGuide(
+			daemonYamlPath,
+			true,
+			slices.Concat(
+				[]byte(daemonYamlCommentHeader),
+				[]byte("#\n"),
+				[]byte(daemonYamlRecoveryComment),
+				utils.YamlCommentLines(clusterYamlContent),
+				[]byte("\n"),
+				[]byte(yamlHelperCommentFooter),
+			),
+			true,
+		)
+		if err != nil {
+			return "", fmt.Errorf("interactive text editor failed, error: %w", err)
+		}
 	}
 
 	newMembers := []cluster.DqliteMember{}
@@ -465,40 +492,53 @@ func recoverK8sd() (string, error) {
 func recoverK8sDqlite() (string, string, error) {
 	k8sDqliteStateDir := clusterRecoverOpts.K8sDqliteStateDir
 
+	var err error
+	clusterYamlContent := []byte{}
 	clusterYamlPath := path.Join(k8sDqliteStateDir, "cluster.yaml")
 	clusterYamlCommentHeader := fmt.Sprintf("# k8s-dqlite cluster configuration\n# (%s)\n", clusterYamlPath)
-	clusterYamlContent, err := yamlEditorGuide(
-		clusterYamlPath,
-		true,
-		slices.Concat(
-			[]byte(clusterYamlCommentHeader),
-			[]byte("#\n"),
-			[]byte(clusterK8sDqliteRecoveryComment),
-			[]byte(yamlHelperCommentFooter),
-		),
-		true,
-	)
-	if err != nil {
-		return "", "", fmt.Errorf("interactive text editor failed, error: %w", err)
-	}
 
-	infoYamlPath := path.Join(k8sDqliteStateDir, "info.yaml")
-	infoYamlCommentHeader := fmt.Sprintf("# k8s-dqlite info.yaml\n# (%s)\n", infoYamlPath)
-	_, err = yamlEditorGuide(
-		infoYamlPath,
-		true,
-		slices.Concat(
-			[]byte(infoYamlCommentHeader),
-			[]byte("#\n"),
-			[]byte(infoYamlRecoveryComment),
-			utils.YamlCommentLines(clusterYamlContent),
-			[]byte("\n"),
-			[]byte(yamlHelperCommentFooter),
-		),
-		true,
-	)
-	if err != nil {
-		return "", "", fmt.Errorf("interactive text editor failed, error: %w", err)
+	if clusterRecoverOpts.NonInteractive {
+		clusterYamlContent, err = os.ReadFile(clusterYamlPath)
+		if err != nil {
+			return "", "", fmt.Errorf(
+				"could not read k8s-dqlite cluster.yaml, error: %w", err)
+		}
+	} else {
+		// Interactive mode requested (default).
+		// Assist the user in configuring dqlite.
+		clusterYamlContent, err = yamlEditorGuide(
+			clusterYamlPath,
+			true,
+			slices.Concat(
+				[]byte(clusterYamlCommentHeader),
+				[]byte("#\n"),
+				[]byte(clusterK8sDqliteRecoveryComment),
+				[]byte(yamlHelperCommentFooter),
+			),
+			true,
+		)
+		if err != nil {
+			return "", "", fmt.Errorf("interactive text editor failed, error: %w", err)
+		}
+
+		infoYamlPath := path.Join(k8sDqliteStateDir, "info.yaml")
+		infoYamlCommentHeader := fmt.Sprintf("# k8s-dqlite info.yaml\n# (%s)\n", infoYamlPath)
+		_, err = yamlEditorGuide(
+			infoYamlPath,
+			true,
+			slices.Concat(
+				[]byte(infoYamlCommentHeader),
+				[]byte("#\n"),
+				[]byte(infoYamlRecoveryComment),
+				utils.YamlCommentLines(clusterYamlContent),
+				[]byte("\n"),
+				[]byte(yamlHelperCommentFooter),
+			),
+			true,
+		)
+		if err != nil {
+			return "", "", fmt.Errorf("interactive text editor failed, error: %w", err)
+		}
 	}
 
 	newMembers := []dqlite.NodeInfo{}

From f899f5c1ddcd920b17ab87f76d6eb538b96c1342 Mon Sep 17 00:00:00 2001
From: "github-actions[bot]"
 <41898282+github-actions[bot]@users.noreply.github.com>
Date: Mon, 16 Sep 2024 12:52:44 -0500
Subject: [PATCH 38/45] [main] Update component versions (#674)

Co-authored-by: addyess <10090033+addyess@users.noreply.github.com>
---
 build-scripts/components/cni/version        | 2 +-
 build-scripts/components/kubernetes/version | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/build-scripts/components/cni/version b/build-scripts/components/cni/version
index 2e7bd9108..53b5bbb12 100644
--- a/build-scripts/components/cni/version
+++ b/build-scripts/components/cni/version
@@ -1 +1 @@
-v1.5.0
+v1.5.1
diff --git a/build-scripts/components/kubernetes/version b/build-scripts/components/kubernetes/version
index d3aa76971..085dad940 100644
--- a/build-scripts/components/kubernetes/version
+++ b/build-scripts/components/kubernetes/version
@@ -1 +1 @@
-v1.31.0
+v1.31.1

From bccb61677456342999fbba39f4d642c4cd6e968d Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Tue, 17 Sep 2024 15:38:12 +0100
Subject: [PATCH 39/45] Add epa explanation docs (#595)

---------

Co-authored-by: Yanisa Haley Scherber <yhscherber@gmail.com>
---
 docs/src/snap/explanation/epa.md   | 544 +++++++++++++++++++++++++++++
 docs/src/snap/explanation/index.md |   1 +
 2 files changed, 545 insertions(+)
 create mode 100644 docs/src/snap/explanation/epa.md

diff --git a/docs/src/snap/explanation/epa.md b/docs/src/snap/explanation/epa.md
new file mode 100644
index 000000000..a0884df55
--- /dev/null
+++ b/docs/src/snap/explanation/epa.md
@@ -0,0 +1,544 @@
+# Enhanced Platform Awareness
+
+Enhanced Platform Awareness (EPA) is a methodology and a set of enhancements
+across various layers of the orchestration stack.
+
+EPA focuses on discovering, scheduling and isolating server hardware
+capabilities. This document provides a detailed guide of how EPA applies to
+{{product}}, which centre around the following technologies:
+
+-  **HugePage support**: In GA from Kubernetes v1.14, this feature enables the
+   discovery, scheduling and allocation of HugePages as a first-class
+   resource.  
+-  **Real-time kernel**: Ensures that high-priority tasks are run within a
+   predictable time frame, providing the low latency and high determinism
+   essential for time-sensitive applications.  
+-  **CPU pinning** (CPU Manager for Kubernetes (CMK)): In GA from Kubernetes
+   v1.26, provides mechanisms for CPU pinning and isolation of containerised
+   workloads.  
+-  **NUMA topology awareness**: Ensures that CPU and memory allocation are
+   aligned according to the NUMA architecture, reducing memory latency and
+   increasing performance for memory-intensive applications.  
+-  **Single Root I/O Virtualization (SR-IOV)**: Enhances networking by enabling
+   virtualisation of a single physical network device into multiple virtual
+   devices.  
+-  **DPDK (Data Plane Development Kit)**: A set of libraries and drivers for
+   fast packet processing, designed to run in user space, optimising network
+   performance and reducing latency.
+
+This document provides relevant links to detailed instructions for setting up
+and installing these technologies. It is designed for developers
+and architects who wish to integrate these new technologies into their
+{{product}}-based networking solutions. 
+
+## HugePages 
+
+HugePages are a feature in the Linux kernel which enables the allocation of
+larger memory pages. This reduces the overhead of managing large amounts of
+memory and can improve performance for applications that require significant
+memory access.
+
+### Key features
+
+-  **Larger memory pages**: HugePages provide larger memory pages (e.g., 2MB or
+   1GB) compared to the standard 4KB pages, reducing the number of pages the
+   system must manage.  
+-  **Reduced overhead**: By using fewer, larger pages, the system reduces the
+   overhead associated with page table entries, leading to improved memory
+   management efficiency.  
+-  **Improved TLB performance**: The Translation Lookaside Buffer (TLB) stores
+   recent translations of virtual memory to physical memory addresses. Using
+   HugePages increases TLB hit rates, reducing the frequency of memory
+   translation lookups.  
+-  **Enhanced application performance**: Applications that access large amounts
+   of memory can benefit from HugePages by experiencing lower latency and
+   higher throughput due to reduced page faults and better memory access
+   patterns.  
+-  **Support for high-performance workloads**: Ideal for high-performance
+   computing (HPC) applications, databases and other memory-intensive
+   workloads that demand efficient and fast memory access.  
+-  **Native Kubernetes integration**: Starting from Kubernetes v1.14, HugePages
+   are supported as a native, first-class resource, enabling their
+   discovery, scheduling and allocation within Kubernetes environments.
+
+### Application to Kubernetes
+
+The architecture for HugePages on Kubernetes integrates the management and
+allocation of large memory pages into the Kubernetes orchestration system. Here
+are the key architectural components and their roles:
+
+-  **Node configuration**: Each Kubernetes node must be configured to reserve
+   HugePages. This involves setting the number of HugePages in the node's
+   kernel boot parameters.  
+-  **Kubelet configuration**: The `kubelet` on each node must be configured to
+   recognise and manage HugePages. This is typically done through the `kubelet`
+   configuration file, specifying the size and number of HugePages.  
+-  **Pod specification**: HugePages are requested and allocated at the pod
+   level through resource requests and limits in the pod specification. Pods
+   can request specific sizes of HugePages (e.g., 2MB or 1GB).  
+-  **Scheduler awareness**: The Kubernetes scheduler is aware of HugePages as a
+   resource and schedules pods onto nodes that have sufficient HugePages
+   available. This ensures that pods with HugePages requirements are placed
+   appropriately. Scheduler configurations and policies can be adjusted to
+   optimise HugePages allocation and utilisation.  
+-  **Node Feature Discovery (NFD)**: Node Feature Discovery can be used to
+   label nodes with their HugePages capabilities. This enables scheduling
+   decisions to be based on the available HugePages resources.  
+-  **Resource quotas and limits**: Kubernetes enables the definition of resource
+   quotas and limits to control the allocation of HugePages across namespaces.
+   This helps in managing and isolating resource usage effectively.  
+-  **Monitoring and metrics**: Kubernetes provides tools and integrations
+   (e.g., Prometheus, Grafana) to monitor and visualise HugePages usage across
+   the cluster. This helps in tracking resource utilisation and performance.
+   Metrics can include HugePages allocation, usage and availability on each
+   node, aiding in capacity planning and optimization.
+
+## Real-time kernel 
+
+A real-time kernel ensures that high-priority tasks are run within a
+predictable timeframe, crucial for applications requiring low latency and high
+determinism. Note that this can also impede applications which were not
+designed with these considerations. 
+
+### Key features
+
+-  **Predictable task execution**: A real-time kernel ensures that
+   high-priority tasks are run within a predictable and bounded timeframe,
+   reducing the variability in task execution time.  
+-  **Low latency**: The kernel is optimised to minimise the time it takes to
+   respond to high-priority tasks, which is crucial for applications that
+   require immediate processing.  
+-  **Priority-based scheduling**: Tasks are scheduled based on their priority
+   levels, with real-time tasks being given precedence over other types of
+   tasks to ensure they are processed promptly.  
+-  **Deterministic behaviour**: The kernel guarantees deterministic behaviour,
+   meaning the same task will have the same response time every time it is
+   run, essential for time-sensitive applications.  
+-  **Pre-emption:** The real-time kernel supports preemptive multitasking,
+   allowing high-priority tasks to interrupt lower-priority tasks to ensure
+   critical tasks are run without delay.  
+-  **Resource reservation**: System resources (such as CPU and memory) can be
+   reserved by the kernel for real-time tasks, ensuring that these resources
+   are available when needed.  
+-  **Enhanced interrupt handling**: Interrupt handling is optimised to ensure
+   minimal latency and jitter, which is critical for maintaining the
+   performance of real-time applications.  
+-  **Real-time scheduling policies**: The kernel includes specific scheduling
+   policies (e.g., SCHED\_FIFO, SCHED\_RR) designed to manage real-time tasks
+   effectively and ensure they meet their deadlines.
+
+These features make a real-time kernel ideal for applications requiring precise
+timing and high reliability.
+
+### Application to Kubernetes
+
+The architecture for integrating a real-time kernel into Kubernetes involves
+several components and configurations to ensure that high-priority, low-latency
+tasks can be managed effectively within a Kubernetes environment. Here are the
+key architectural components and their roles:
+
+-  **Real-time kernel installation**: Each Kubernetes node must run a real-time
+   kernel. This involves installing a real-time kernel package and configuring
+   the system to use it.  
+-  **Kernel boot parameters**: The kernel boot parameters must be configured to
+   optimise for real-time performance. This includes isolating CPU cores and
+   configuring other kernel parameters for real-time behaviour.  
+-  **Kubelet configuration**: The `kubelet` on each node must be configured to
+   recognise and manage real-time workloads. This can involve setting specific
+   `kubelet` flags and configurations.  
+-  **Pod specification**: Real-time workloads are specified at the pod level
+   through resource requests and limits. Pods can request dedicated CPU cores
+   and other resources to ensure they meet real-time requirements.  
+-  **CPU Manager**: Kubernetes’ CPU Manager is a critical component for
+   real-time workloads. It enables the static allocation of CPUs to
+   containers, ensuring that specific CPU cores are dedicated to particular
+   workloads.  
+-  **Scheduler awareness**: The Kubernetes scheduler must be aware of real-time
+   requirements and prioritise scheduling pods onto nodes with available
+   real-time resources.  
+-  **Priority and preemption**: Kubernetes supports priority and preemption to
+   ensure that critical real-time pods are scheduled and run as needed. This
+   involves defining pod priorities and enabling preemption to ensure
+   high-priority pods can displace lower-priority ones if necessary.  
+-  **Resource quotas and limits**: Kubernetes can define resource quotas
+   and limits to control the allocation of resources for real-time workloads
+   across namespaces. This helps manage and isolate resource usage effectively.
+-  **Monitoring and metrics**: Monitoring tools such as Prometheus and Grafana
+   can be used to track the performance and resource utilisation of real-time
+   workloads. Metrics include CPU usage, latency and task scheduling times,
+   which help in optimising and troubleshooting real-time applications.  
+-  **Security and isolation**: Security contexts and isolation mechanisms
+   ensure that real-time workloads are protected and run in a controlled
+   environment. This includes setting privileged containers and configuring
+   namespaces.
+
+## CPU pinning 
+
+CPU pinning enables specific CPU cores to be dedicated to a particular process
+or container, ensuring that the process runs on the same CPU core(s) every
+time, which reduces context switching and cache invalidation.
+
+### Key features 
+
+-  **Dedicated CPU Cores**: CPU pinning allocates specific CPU cores to a
+   process or container, ensuring consistent and predictable CPU usage.  
+-  **Reduced context switching**: By running a process or container on the same
+   CPU core(s), CPU pinning minimises the overhead associated with context
+   switching, leading to better performance.  
+-  **Improved cache utilisation**: When a process runs on a dedicated CPU core,
+   it can take full advantage of the CPU cache, reducing the need to fetch data
+   from main memory and improving overall performance.  
+-  **Enhanced application performance**: Applications that require low latency
+   and high performance benefit from CPU pinning as it ensures they have
+   dedicated processing power without interference from other processes.  
+-  **Consistent performance**: CPU pinning ensures that a process or container
+   receives consistent CPU performance, which is crucial for real-time and
+   performance-sensitive applications.  
+-  **Isolation of workloads**: CPU pinning isolates workloads on specific CPU
+   cores, preventing them from being affected by other workloads running on
+   different cores. This is especially useful in multi-tenant environments.  
+-  **Improved predictability**: By eliminating the variability introduced by
+   sharing CPU cores, CPU pinning provides more predictable performance
+   characteristics for critical applications.  
+-  **Integration with Kubernetes**: Kubernetes supports CPU pinning through the
+   CPU Manager (in GA since v1.26), which allows for the static allocation of
+   CPUs to containers. This ensures that containers with high CPU demands have
+   the necessary resources.
+
+### Application to Kubernetes
+
+The architecture for CPU pinning in Kubernetes involves several components and
+configurations to ensure that specific CPU cores can be dedicated to particular
+processes or containers, thereby enhancing performance and predictability. Here
+are the key architectural components and their roles:
+
+-  **Kubelet configuration**: The `kubelet` on each node must be configured to
+   enable CPU pinning. This involves setting specific `kubelet` flags to
+   activate the CPU Manager.  
+-  **CPU manager**: Kubernetes’ CPU Manager is a critical component for CPU
+   pinning. It allows for the static allocation of CPUs to containers, ensuring
+   that specific CPU cores are dedicated to particular workloads. The CPU
+   Manager can be configured to either static or none. Static policy enables
+   exclusive CPU core allocation to Guaranteed QoS (Quality of Service) pods.  
+-  **Pod specification**: Pods must be specified to request dedicated CPU
+   resources. This is done through resource requests and limits in the pod
+   specification.  
+-  **Scheduler awareness**: The Kubernetes scheduler must be aware of the CPU
+   pinning requirements. It schedules pods onto nodes with available CPU
+   resources as requested by the pod specification. The scheduler ensures that
+   pods with specific CPU pinning requests are placed on nodes with sufficient
+   free dedicated CPUs.  
+-  **NUMA Topology Awareness**: For optimal performance, CPU pinning should be
+   aligned with NUMA (Non-Uniform Memory Access) topology. This ensures that
+   memory accesses are local to the CPU, reducing latency. Kubernetes can be
+   configured to be NUMA-aware, using the Topology Manager to align CPU
+   and memory allocation with NUMA nodes.  
+-  **Node Feature Discovery (NFD)**: Node Feature Discovery can be used to
+   label nodes with their CPU capabilities, including the availability of
+   isolated and reserved CPU cores.  
+-  **Resource quotas and limits**: Kubernetes can define resource quotas
+   and limits to control the allocation of CPU resources across namespaces.
+   This helps in managing and isolating resource usage effectively.  
+-  **Monitoring and metrics**: Monitoring tools such as Prometheus and Grafana
+   can be used to track the performance and resource utilisation of CPU-pinned
+   workloads. Metrics include CPU usage, core allocation and task scheduling
+   times, which help in optimising and troubleshooting performance-sensitive
+   applications.  
+-  **Isolation and security**: Security contexts and isolation mechanisms
+   ensure that CPU-pinned workloads are protected and run in a controlled
+   environment. This includes setting privileged containers and configuring
+   namespaces to avoid resource contention.  
+-  **Performance Tuning**: Additional performance tuning can be achieved by
+   isolating CPU cores at the OS level and configuring kernel parameters to
+   minimise interference from other processes. This includes setting CPU
+   isolation and `nohz_full` parameters (reduces the number of scheduling-clock
+   interrupts, improving energy efficiency and [reducing OS jitter][no_hz]).
+
+## NUMA topology awareness 
+
+NUMA (Non-Uniform Memory Access) topology awareness ensures that the CPU and
+memory allocation are aligned according to the NUMA architecture, which can
+reduce memory latency and increase performance for memory-intensive
+applications.
+
+The Kubernetes Memory Manager enables the feature of guaranteed memory (and
+HugePages) allocation for pods in the Guaranteed QoS (Quality of Service)
+class.
+
+The Memory Manager employs hint generation protocol to yield the most suitable
+NUMA affinity for a pod. The Memory Manager feeds the central manager (Topology
+Manager) with these affinity hints. Based on both the hints and Topology
+Manager policy, the pod is rejected or admitted to the node.
+
+Moreover, the Memory Manager ensures that the memory which a pod requests is
+allocated from a minimum number of NUMA nodes.
+
+### Key features
+
+-  **Aligned CPU and memory allocation**: NUMA topology awareness ensures that
+   CPUs and memory are allocated in alignment with the NUMA architecture,
+   minimising cross-node memory access latency.  
+-  **Reduced memory latency**: By ensuring that memory is accessed from the
+   same NUMA node as the CPU, NUMA topology awareness reduces memory latency,
+   leading to improved performance for memory-intensive applications.  
+-  **Increased performance**: Applications benefit from increased performance
+   due to optimised memory access patterns, which is especially critical for
+   high-performance computing and data-intensive tasks.  
+-  **Kubernetes Memory Manager**: The Kubernetes Memory Manager supports
+   guaranteed memory allocation for pods in the Guaranteed QoS (Quality of
+   Service) class, ensuring predictable performance.  
+-  **Hint generation protocol**: The Memory Manager uses a hint generation
+   protocol to determine the most suitable NUMA affinity for a pod, helping to
+   optimise resource allocation based on NUMA topology.  
+-  **Integration with Topology Manager**: The Memory Manager provides NUMA
+   affinity hints to the Topology Manager. The Topology Manager then decides
+   whether to admit or reject the pod based on these hints and the configured
+   policy.  
+-  **Optimised resource allocation**: The Memory Manager ensures that the
+   memory requested by a pod is allocated from the minimum number of NUMA
+   nodes, thereby optimising resource usage and performance.  
+-  **Enhanced scheduling decisions**: The Kubernetes scheduler, in conjunction
+   with the Topology Manager, makes informed decisions about pod placement to
+   ensure optimal NUMA alignment, improving overall cluster efficiency.  
+-  **Support for HugePages**: The Memory Manager also supports the allocation
+   of HugePages, ensuring that large memory pages are allocated in a NUMA-aware
+   manner, further enhancing performance for applications that require large
+   memory pages.  
+-  **Improved application predictability**: By aligning CPU and memory
+   allocation with NUMA topology, applications experience more predictable
+   performance characteristics, crucial for real-time and latency-sensitive
+   workloads.  
+-  **Policy-Based Management**: NUMA topology awareness can be managed through
+   policies so that administrators can configure how resources should be
+   allocated based on the NUMA architecture, providing flexibility and control.
+
+### Application to Kubernetes
+
+The architecture for NUMA topology awareness in Kubernetes involves several
+components and configurations to ensure that CPU and memory allocations are
+optimised according to the NUMA architecture. This setup reduces memory latency
+and enhances performance for memory intensive applications. Here are the key
+architectural components and their roles:
+
+-  **Node configuration**: Each Kubernetes node must have NUMA-aware hardware.
+   The system's NUMA topology can be inspected using tools such as `lscpu` or
+   `numactl`.  
+-  **Kubelet configuration**: The `kubelet` on each node must be configured to
+   enable NUMA topology awareness. This involves setting specific `kubelet`
+   flags to activate the Topology Manager.  
+-  **Topology Manager**: The Topology Manager is a critical component that
+   coordinates resource allocation based on NUMA topology. It receives NUMA
+   affinity hints from other managers (e.g., CPU Manager, Device Manager) and
+   makes informed scheduling decisions.  
+-  **Memory Manager**: The Kubernetes Memory Manager is responsible for
+   managing memory allocation, including HugePages, in a NUMA-aware manner. It
+   ensures that memory is allocated from the minimum number of NUMA nodes
+   required. The Memory Manager uses a hint generation protocol to provide NUMA
+   affinity hints to the Topology Manager.  
+-  **Pod specification**: Pods can be specified to request NUMA-aware resource
+   allocation through resource requests and limits, ensuring that they get
+   allocated in alignment with the NUMA topology.  
+-  **Scheduler awareness**: The Kubernetes scheduler works in conjunction with
+   the Topology Manager to place pods on nodes that meet their NUMA affinity
+   requirements. The scheduler considers NUMA topology during the scheduling
+   process to optimise performance.  
+-  **Node Feature Discovery (NFD)**: Node Feature Discovery can be used to
+   label nodes with their NUMA capabilities, providing the scheduler with
+   information to make more informed placement decisions.  
+-  **Resource quotas and limits**: Kubernetes allows defining resource quotas
+   and limits to control the allocation of NUMA-aware resources across
+   namespaces. This helps in managing and isolating resource usage effectively.
+-  **Monitoring and metrics**: Monitoring tools such as Prometheus and Grafana
+   can be used to track the performance and resource utilisation of NUMA-aware
+   workloads. Metrics include CPU and memory usage per NUMA node, helping in
+   optimising and troubleshooting performance-sensitive applications.  
+-  **Isolation and security**: Security contexts and isolation mechanisms
+   ensure that NUMA-aware workloads are protected and run in a controlled
+   environment. This includes setting privileged containers and configuring
+   namespaces to avoid resource contention.  
+-  **Performance tuning**: Additional performance tuning can be achieved by
+   configuring kernel parameters and using tools like `numactl` to bind
+   processes to specific NUMA nodes.
+
+## SR-IOV (Single Root I/O Virtualization)
+
+SR-IOV enables a single physical network device to appear as multiple separate
+virtual devices. This can be beneficial for network-intensive applications that
+require direct access to the network hardware.
+
+### Key features
+
+-  **Multiple Virtual Functions (VFs)**: SR-IOV enables a single physical
+   network device to be partitioned into multiple virtual functions (VFs), each
+   of which can be assigned to a virtual machine or container as a separate
+   network interface.  
+-  **Direct hardware access**: By providing direct access to the physical
+   network device, SR-IOV bypasses the software-based network stack, reducing
+   overhead and improving network performance and latency.  
+-  **Improved network throughput**: Applications can achieve higher network
+   throughput as SR-IOV enables high-speed data transfer directly
+   between the network device and the application.  
+-  **Reduced CPU utilisation**: Offloading network processing to the hardware
+   reduces the CPU load on the host system, freeing up CPU resources for other
+   tasks and improving overall system performance.  
+-  **Isolation and security**: Each virtual function (VF) is isolated from
+   others, providing security and stability. This isolation ensures that issues
+   in one VF do not affect other VFs or the physical function (PF).  
+-  **Dynamic resource allocation**: SR-IOV supports dynamic allocation of
+   virtual functions, enabling resources to be adjusted based on application
+   demands without requiring changes to the physical hardware setup.  
+-  **Enhanced virtualisation support**: SR-IOV is particularly beneficial in
+   virtualised environments, enabling better network performance for virtual
+   machines and containers by providing them with dedicated network interfaces.
+-  **Kubernetes integration**: Kubernetes supports SR-IOV through the use of
+   network device plugins, enabling the automatic discovery, allocation,
+   and management of virtual functions.  
+-  **Compatibility with Network Functions Virtualization (NFV)**: SR-IOV is
+   widely used in NFV deployments to meet the high-performance networking
+   requirements of virtual network functions (VNFs), such as firewalls,
+   routers and load balancers.  
+-  **Reduced network latency**: As network packets can bypass the
+   hypervisor's virtual switch, SR-IOV significantly reduces network latency,
+   making it ideal for latency-sensitive applications.
+
+### Application to Kubernetes
+
+The architecture for SR-IOV (Single Root I/O Virtualization) in Kubernetes
+involves several components and configurations to ensure that virtual functions
+(VFs) from a single physical network device can be managed and allocated
+efficiently. This setup enhances network performance and provides direct access
+to network hardware for applications requiring high throughput and low latency.
+Here are the key architectural components and their roles:
+
+-  **Node configuration**: Each Kubernetes node with SR-IOV capable hardware
+   must have the SR-IOV drivers and tools installed. This includes the SR-IOV
+   network device plugin and associated drivers.  
+-  **SR-IOV enabled network interface**: The physical network interface card
+   (NIC) must be configured to support SR-IOV. This involves enabling SR-IOV in
+   the system BIOS and configuring the NIC to create virtual functions (VFs).  
+-  **SR-IOV network device plugin**: The SR-IOV network device plugin is
+   deployed as a DaemonSet in Kubernetes. It discovers SR-IOV capable network
+   interfaces and manages the allocation of virtual functions (VFs) to pods.  
+-  **Device Plugin Configuration**: The SR-IOV device plugin requires a
+   configuration file that specifies the network devices and the number of
+   virtual functions (VFs) to be managed.  
+-  **Pod specification**: Pods can request SR-IOV virtual functions by
+   specifying resource requests and limits in the pod specification. The SR-IOV
+   device plugin allocates the requested VFs to the pod.  
+-  **Scheduler awareness**: The Kubernetes scheduler must be aware of the
+   SR-IOV resources available on each node. The device plugin advertises the
+   available VFs as extended resources, which the scheduler uses to place pods
+   accordingly. Scheduler configuration ensures pods with SR-IOV requests are
+   scheduled on nodes with available VFs.  
+-  **Resource quotas and limits**: Kubernetes enables the definition of
+   resource quotas and limits to control the allocation of SR-IOV resources
+   across namespaces. This helps manage and isolate resource usage effectively.
+-  **Monitoring and metrics**: Monitoring tools such as Prometheus and Grafana
+   can be used to track the performance and resource utilisation of
+   SR-IOV-enabled workloads. Metrics include VF allocation, network throughput,
+   and latency, helping optimise and troubleshoot performance-sensitive
+   applications.  
+-  **Isolation and security**: SR-IOV provides isolation between VFs, ensuring
+   that each VF operates independently and securely. This isolation is critical
+   for multi-tenant environments where different workloads share the same
+   physical network device.  
+-  **Dynamic resource allocation**: SR-IOV supports dynamic allocation and
+   deallocation of VFs, enabling Kubernetes to adjust resources based on
+   application demands without requiring changes to the physical hardware
+   setup.
+
+## DPDK (Data Plane Development Kit) 
+
+The Data Plane Development Kit (DPDK) is a set of libraries and drivers for
+fast packet processing. It is designed to run in user space, so that
+applications can achieve high-speed packet processing by bypassing the kernel.
+DPDK is used to optimise network performance and reduce latency, making it
+ideal for applications that require high-throughput and low-latency networking,
+such as telecommunications, cloud data centres and network functions
+virtualisation (NFV).
+
+### Key features
+
+-  **High performance**: DPDK can process millions of packets per second per
+   core, using multi-core CPUs to scale performance.  
+-  **User-space processing**: By running in user space, DPDK avoids the
+   overhead of kernel context switches and uses HugePages for better
+   memory performance.  
+-  **Poll Mode Drivers (PMD)**: DPDK uses PMDs that poll for packets instead of
+   relying on interrupts, which reduces latency.
+
+### DPDK architecture
+
+The main goal of the DPDK is to provide a simple, complete framework for fast
+packet processing in data plane applications. Anyone can use the code to
+understand some of the techniques employed, to build upon for prototyping or to
+add their own protocol stacks. 
+
+The framework creates a set of libraries for specific environments through the
+creation of an Environment Abstraction Layer (EAL), which may be specific to a
+mode of the Intel® architecture (32-bit or 64-bit), user space
+compilers or a specific platform. These environments are created through the
+use of Meson files (needed by Meson, the software tool for automating the
+building of software that DPDK uses) and configuration files. Once the EAL
+library is created, the user may link with the library to create their own
+applications. Other libraries, outside of EAL, including the Hash, Longest
+Prefix Match (LPM) and rings libraries are also provided. Sample applications
+are provided to help show the user how to use various features of the DPDK.
+
+The DPDK implements a run-to-completion model for packet processing, where all
+resources must be allocated prior to calling data plane applications, running
+as execution units on logical processing cores. The model does not support a
+scheduler and all devices are accessed by polling. The primary reason for not
+using interrupts is the performance overhead imposed by interrupt processing.
+
+In addition to the run-to-completion model, a pipeline model may also be used
+by passing packets or messages between cores via the rings. This enables work
+to be performed in stages and is a potentially more efficient use of code on
+cores. This is suitable for scenarios where each pipeline must be mapped to a
+specific application thread or when multiple pipelines must be mapped to the
+same thread. 
+
+### Application to Kubernetes
+
+The architecture for integrating the Data Plane Development Kit (DPDK) into
+Kubernetes involves several components and configurations to ensure high-speed
+packet processing and low-latency networking. DPDK enables applications to
+bypass the kernel network stack, providing direct access to network hardware
+and significantly enhancing network performance. Here are the key architectural
+components and their roles:
+
+-  **Node configuration**: Each Kubernetes node must have the DPDK libraries
+   and drivers installed. This includes setting up HugePages and binding
+   network interfaces to DPDK-compatible drivers.  
+-  **HugePages configuration**: DPDK requires HugePages for efficient memory
+   management. Configure the system to reserve HugePages.  
+-  **Network interface binding**: Network interfaces must be bound to
+   DPDK-compatible drivers (e.g., vfio-pci) to be used by DPDK applications.  
+-  **DPDK application container**: Create a Docker container image with the
+   DPDK application and necessary libraries. Ensure that the container runs
+   with appropriate privileges and mounts HugePages.  
+-  **Pod specification**: Deploy the DPDK application in Kubernetes by
+   specifying the necessary resources, including CPU pinning and HugePages, in
+   the pod specification.  
+-  **CPU pinning**: For optimal performance, DPDK applications should use
+   dedicated CPU cores. Configure CPU pinning in the pod specification.  
+-  **SR-IOV for network interfaces**: Combine DPDK with SR-IOV to provide
+   high-performance network interfaces. Allocate SR-IOV virtual functions (VFs)
+   to DPDK pods.  
+-  **Scheduler awareness**: The Kubernetes scheduler must be aware of the
+   resources required by DPDK applications, including HugePages and CPU
+   pinning, to place pods appropriately on nodes with sufficient resources.  
+-  **Monitoring and metrics**: Use monitoring tools like Prometheus and Grafana
+   to track the performance of DPDK applications, including network throughput,
+   latency and CPU usage.  
+-  **Resource quotas and limits**: Define resource quotas and limits to control
+   the allocation of resources for DPDK applications across namespaces,
+   ensuring fair resource distribution and preventing resource contention.  
+-  **Isolation and security**: Ensure that DPDK applications run in isolated
+   and secure environments. Use security contexts to provide the necessary
+   privileges while maintaining security best practices.
+
+
+<!-- LINKS -->
+
+[no_hz]: https://www.kernel.org/doc/Documentation/timers/NO_HZ.txt
diff --git a/docs/src/snap/explanation/index.md b/docs/src/snap/explanation/index.md
index 3feb4fb83..2f8380ea1 100644
--- a/docs/src/snap/explanation/index.md
+++ b/docs/src/snap/explanation/index.md
@@ -16,6 +16,7 @@ certificates
 channels
 clustering
 ingress
+epa
 /snap/explanation/security
 ```
 

From ef3ea74a4e011af9efb91093811260809e01e7e1 Mon Sep 17 00:00:00 2001
From: Adam Dyess <adam.dyess@canonical.com>
Date: Tue, 17 Sep 2024 12:12:39 -0500
Subject: [PATCH 40/45] Update the issue template for creating release branches
 (#677)

---
 .../ISSUE_TEMPLATE/create_release_branch.md   | 57 ++++++-------------
 1 file changed, 18 insertions(+), 39 deletions(-)

diff --git a/.github/ISSUE_TEMPLATE/create_release_branch.md b/.github/ISSUE_TEMPLATE/create_release_branch.md
index 9c5a8268a..c460a90ed 100644
--- a/.github/ISSUE_TEMPLATE/create_release_branch.md
+++ b/.github/ISSUE_TEMPLATE/create_release_branch.md
@@ -13,16 +13,16 @@ Make sure to follow the steps below and ensure all actions are completed and sig
 - **K8s version**: 1.xx
 
 <!-- Set this to the name of the person responsible for running the release tasks, e.g. @neoaggelos -->
-- **Owner**:
+- **Owner**: `who plans to do the work`
 
 <!-- Set this to the name of the team-member that will sign-off the tasks -->
-- **Reviewer**:
+- **Reviewer**:  `who plans to review the work`
 
 <!-- Link to PR to initialize the release branch (see below) -->
-- **PR**:
--
+- **PR**: https://github.com/canonical/k8s-snap/pull/`<int>`
+
 <!-- Link to PR to initialize auto-update job for the release branch (see below) -->
-- **PR**:
+- **PR**: https://github.com/canonical/k8s-snap/pull/`<int>`
 
 #### Actions
 
@@ -53,7 +53,7 @@ The steps are to be followed in-order, each task must be completed by the person
 - [ ] **Owner**: Create `release-1.xx` branch from latest `master` in k8s-dqlite
   - `git clone git@github.com:canonical/k8s-dqlite.git ~/tmp/release-1.xx`
   - `pushd ~/tmp/release-1.xx`
-  - `git switch main`
+  - `git switch master`
   - `git pull`
   - `git checkout -b release-1.xx`
   - `git push origin release-1.xx`
@@ -89,7 +89,7 @@ The steps are to be followed in-order, each task must be completed by the person
 - [ ] **Owner**: Create `release-1.xx` branch from latest `main` in rawfile-localpv
   - `git clone git@github.com:canonical/rawfile-localpv.git ~/tmp/release-1.xx`
   - `pushd ~/tmp/release-1.xx`
-  - `git switch main`
+  - `git switch rockcraft`
   - `git pull`
   - `git checkout -b release-1.xx`
   - `git push origin release-1.xx`
@@ -98,7 +98,6 @@ The steps are to be followed in-order, each task must be completed by the person
 - [ ] **Reviewer**: Ensure `release-1.xx` branch is based on latest changes on `main` at the time of the release cut.
 - [ ] **Owner**: Create PR to initialize `release-1.xx` branch:
   - [ ] Update `KUBERNETES_RELEASE_MARKER` to `stable-1.xx` in [/build-scripts/hack/update-component-versions.py][]
-  - [ ] Update `master` to `release-1.xx` in [/build-scripts/components/k8s-dqlite/version][]
   - [ ] Update `"main"` to `"release-1.xx"` in [/build-scripts/hack/generate-sbom.py][]
   - [ ] `git commit -m 'Release 1.xx'`
   - [ ] Create PR against `release-1.xx` with the changes and request review from **Reviewer**. Make sure to update the issue `Information` section with a link to the PR.
@@ -107,43 +106,22 @@ The steps are to be followed in-order, each task must be completed by the person
   - [ ] Add `release-1.xx` in [.github/workflows/update-components.yaml][]
   - [ ] Remove unsupported releases from the list (if applicable, consult with **Reviewer**)
   - [ ] Create PR against `main` with the changes and request review from **Reviewer**. Make sure to update the issue information with a link to the PR.
-- [ ] **Reviewer**: On merge, confirm [Auto-update strict branch] action runs to completion and that the `autoupdate/release-1.xx-strict` branch is created.
-- [ ] **Owner**: Create launchpad builders for `release-1.xx`
-  - [ ] Go to [lp:k8s][] and do **Import now** to pick up all latest changes.
-  - [ ] Under **Branches**, select `release-1.xx`, then **Create snap package**
-  - [ ] Set **Snap recipe name** to `k8s-snap-1.xx`
-  - [ ] Set **Owner** to `Canonical Kubernetes (containers)`
-  - [ ] Set **The project that this Snap is associated with** to `k8s`
-  - [ ] Set **Series** to Infer from snapcraft.yaml
-  - [ ] Set **Processors** to `AMD x86-64 (amd64)` and `ARM ARMv8 (arm64)`
-  - [ ] Enable **Automatically build when branch changes**
-  - [ ] Enable **Automatically upload to store**
-  - [ ] Set **Registered store name** to `k8s`
-  - [ ] In **Store Channels**, set **Track** to `1.xx-classic` and **Risk** to `edge`. Leave **Branch** empty
-  - [ ] Click **Create snap package** at the bottom of the page.
-- [ ] **Owner**: Create launchpad builders for `release-1.xx-strict`
-  - [ ] Return to [lp:k8s][].
-  - [ ] Under **Branches**, select `autoupdate/release-1.xx-strict`, then **Create snap package**
-  - [ ] Set **Snap recipe name** to `k8s-snap-1.xx-strict`
-  - [ ] Set **Owner** to `Canonical Kubernetes (containers)`
-  - [ ] Set **The project that this Snap is associated with** to `k8s`
-  - [ ] Set **Series** to Infer from snapcraft.yaml
-  - [ ] Set **Processors** to `AMD x86-64 (amd64)` and `ARM ARMv8 (arm64)`
-  - [ ] Enable **Automatically build when branch changes**
-  - [ ] Enable **Automatically upload to store**
-  - [ ] Set **Registered store name** to `k8s`
-  - [ ] In **Store Channels**, set **Track** to `1.xx` and **Risk** to `edge`. Leave **Branch** empty
-  - [ ] Click **Create snap package** at the bottom of the page.
+- [ ] **Reviewer**: On merge, confirm [Auto-update strict branch] action runs to completion and that the `autoupdate/release-1.xx-*` flavor branches are created.
+   - [ ] autoupdate/release-1.xx-strict
+   - [ ] autoupdate/release-1.xx-moonray
+- [ ] **Owner**: Create launchpad builders for `release-1.xx` and flavors
+  - [ ] Run the [Confirm Snap Builds][] Action
 - [ ] **Reviewer**: Ensure snap recipes are created in [lp:k8s/+snaps][]
-  - look for `k8s-snap-1.xx`
-  - look for `k8s-snap-1.xx-strict`
+  - [ ] look for `k8s-snap-1.xx-classic`
+  - [ ] look for `k8s-snap-1.xx-strict`
+  - [ ] look for `k8s-snap-1.xx-moonray`
+  - [ ] make sure each is "Authorized for Store Upload"
 
 #### After release
 
 - [ ] **Owner** follows up with the **Reviewer** and team about things to improve around the process.
 - [ ] **Owner**: After a few weeks of stable CI, update default track to `1.xx/stable` via
   - On the snap [releases page][], select `Track` > `1.xx`
-- [ ] **Reviewer**: Ensure snap recipes are created in [lp:k8s/+snaps][]
 
 
 <!-- LINKS -->
@@ -161,6 +139,7 @@ The steps are to be followed in-order, each task must be completed by the person
 [.github/workflows/update-components.yaml]: ../workflows/update-components.yaml
 [/build-scripts/components/hack/update-component-versions.py]: ../../build-scripts/components/hack/update-component-versions.py
 [/build-scripts/components/k8s-dqlite/version]: ../../build-scripts/components/k8s-dqlite/version
-[/build-scripts/hack/generate-sbom.py]: ../..//build-scripts/hack/generate-sbom.py
+[/build-scripts/hack/generate-sbom.py]: ../../build-scripts/hack/generate-sbom.py
 [lp:k8s]: https://code.launchpad.net/~cdk8s/k8s/+git/k8s-snap
 [lp:k8s/+snaps]: https://launchpad.net/k8s/+snaps
+[Confirm Snap Builds]: https://github.com/canonical/canonical-kubernetes-release-ci/actions/workflows/create-release-branch.yaml

From f1d1254de2299ea5bef139087ee411bb4f2eb826 Mon Sep 17 00:00:00 2001
From: Adam Dyess <adam.dyess@canonical.com>
Date: Tue, 17 Sep 2024 12:50:21 -0500
Subject: [PATCH 41/45] Automerge every 4 hours any labeled PR with passing
 tests (#675)

* Automerge every 4-hours any PR with passing tests labeled with 'automerge'
* Make sure the bot can approve the PRs too
* Update Bot information only if git email currently unset
* consistently use private key secret to setup ssh git-remote
* Rename secret to BOT_SSH_KEY
* Reimagine auto-merge scripts as python
---
 .../workflows/auto-merge-successful-prs.yaml  | 29 ++++++++++
 .github/workflows/update-branches.yaml        |  2 +-
 .github/workflows/update-components.yaml      |  5 +-
 .../hack/auto-merge-successful-pr.py          | 55 +++++++++++++++++++
 build-scripts/patches/moonray/apply           |  9 ++-
 build-scripts/patches/strict/apply            |  7 ++-
 6 files changed, 99 insertions(+), 8 deletions(-)
 create mode 100644 .github/workflows/auto-merge-successful-prs.yaml
 create mode 100755 build-scripts/hack/auto-merge-successful-pr.py

diff --git a/.github/workflows/auto-merge-successful-prs.yaml b/.github/workflows/auto-merge-successful-prs.yaml
new file mode 100644
index 000000000..e7f4fc096
--- /dev/null
+++ b/.github/workflows/auto-merge-successful-prs.yaml
@@ -0,0 +1,29 @@
+name: Auto-merge Successful PRs
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 */4 * * *"  # Every 4 hours
+
+permissions:
+  contents: read
+
+jobs:
+  merge-successful-prs:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Harden Runner
+        uses: step-security/harden-runner@v2
+        with:
+          egress-policy: audit
+      - name: Checking out repo
+        uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
+        with:
+          python-version: '3.12'
+      - name: Auto-merge pull requests if all status checks pass
+        env:
+          GH_TOKEN: ${{ secrets.BOT_TOKEN }}
+        run: |
+            build-scripts/hack/auto-merge-successful-pr.py
diff --git a/.github/workflows/update-branches.yaml b/.github/workflows/update-branches.yaml
index 356bbce5b..b6ed8f38e 100644
--- a/.github/workflows/update-branches.yaml
+++ b/.github/workflows/update-branches.yaml
@@ -41,7 +41,7 @@ jobs:
       - name: Sync ${{ github.ref }} to ${{ steps.determine.outputs.branch }}
         uses: actions/checkout@v4
         with:
-          ssh-key: ${{ secrets.DEPLOY_KEY_TO_UPDATE_STRICT_BRANCH }}
+          ssh-key: ${{ secrets.BOT_SSH_KEY }}
       - name: Apply ${{ matrix.patch }} patch
         run: |
           git checkout -b ${{ steps.determine.outputs.branch }}
diff --git a/.github/workflows/update-components.yaml b/.github/workflows/update-components.yaml
index 7f9e43745..23aa952a4 100644
--- a/.github/workflows/update-components.yaml
+++ b/.github/workflows/update-components.yaml
@@ -33,7 +33,7 @@ jobs:
         uses: actions/checkout@v4
         with:
           ref: ${{ matrix.branch }}
-          ssh-key: ${{ secrets.DEPLOY_KEY_TO_UPDATE_STRICT_BRANCH }}
+          ssh-key: ${{ secrets.BOT_SSH_KEY }}
 
       - name: Setup Python
         uses: actions/setup-python@v5
@@ -51,10 +51,11 @@ jobs:
       - name: Create pull request
         uses: peter-evans/create-pull-request@v6
         with:
-          git-token: ${{ secrets.DEPLOY_KEY_TO_UPDATE_STRICT_BRANCH }}
           commit-message: "[${{ matrix.branch }}] Update component versions"
           title: "[${{ matrix.branch }}] Update component versions"
           body: "[${{ matrix.branch }}] Update component versions"
           branch: "autoupdate/sync/${{ matrix.branch }}"
+          labels: |
+            automerge
           delete-branch: true
           base: ${{ matrix.branch }}
diff --git a/build-scripts/hack/auto-merge-successful-pr.py b/build-scripts/hack/auto-merge-successful-pr.py
new file mode 100755
index 000000000..ea6c98e6b
--- /dev/null
+++ b/build-scripts/hack/auto-merge-successful-pr.py
@@ -0,0 +1,55 @@
+#!/bin/env python3
+
+import shlex
+import subprocess
+import json
+
+LABEL = "automerge"
+APPROVE_MSG = "All status checks passed for PR #{}."
+
+
+def sh(cmd: str) -> str:
+    """Run a shell command and return its output."""
+    _pipe = subprocess.PIPE
+    result = subprocess.run(shlex.split(cmd), stdout=_pipe, stderr=_pipe, text=True)
+    if result.returncode != 0:
+        raise Exception(f"Error running command: {cmd}\nError: {result.stderr}")
+    return result.stdout.strip()
+
+
+def get_pull_requests() -> list:
+    """Fetch open pull requests matching some label."""
+    prs_json = sh("gh pr list --state open --json number,labels")
+    prs = json.loads(prs_json)
+    return [pr for pr in prs if any(label["name"] == LABEL for label in pr["labels"])]
+
+
+def check_pr_passed(pr_number) -> bool:
+    """Check if all status checks passed for the given PR."""
+    checks_json = sh(f"gh pr checks {pr_number} --json bucket")
+    checks = json.loads(checks_json)
+    return all(check["bucket"] == "pass" for check in checks)
+
+
+def approve_and_merge_pr(pr_number) -> None:
+    """Approve and merge the PR."""
+    print(APPROVE_MSG.format(pr_number) + "Proceeding with merge...")
+    sh(f'gh pr review {pr_number} --comment -b "{APPROVE_MSG.format(pr_number)}"')
+    sh(f"gh pr merge {pr_number} --admin --squash")
+
+
+def process_pull_requests():
+    """Process the PRs and merge if checks have passed."""
+    prs = get_pull_requests()
+
+    for pr in prs:
+        pr_number: int = pr["number"]
+
+        if check_pr_passed(pr_number):
+            approve_and_merge_pr(pr_number)
+        else:
+            print(f"Status checks have not passed for PR #{pr_number}. Skipping merge.")
+
+
+if __name__ == "__main__":
+    process_pull_requests()
diff --git a/build-scripts/patches/moonray/apply b/build-scripts/patches/moonray/apply
index 1233dae42..32a2f8510 100755
--- a/build-scripts/patches/moonray/apply
+++ b/build-scripts/patches/moonray/apply
@@ -2,9 +2,12 @@
 
 DIR="$(realpath "$(dirname "${0}")")"
 
-# Configure git author
-git config user.email k8s-bot@canonical.com
-git config user.name k8s-bot
+# Configure git author if unset
+git_email=$(git config --default "" user.email)
+if [ -z "${git_email}" ]; then
+    git config user.email k8s-team-ci@canonical.com
+    git config user.name 'k8s-team-ci (CDK Bot)'
+fi
 
 # Remove unrelated tests
 rm "${DIR}/../../../tests/integration/tests/test_cilium_e2e.py"
diff --git a/build-scripts/patches/strict/apply b/build-scripts/patches/strict/apply
index 1729742e2..3f6f7de14 100755
--- a/build-scripts/patches/strict/apply
+++ b/build-scripts/patches/strict/apply
@@ -3,8 +3,11 @@
 DIR="$(realpath "$(dirname "${0}")")"
 
 # Configure git author
-git config user.email k8s-bot@canonical.com
-git config user.name k8s-bot
+git_email=$(git config --default "" user.email)
+if [ -z "${git_email}" ]; then
+    git config user.email k8s-team-ci@canonical.com
+    git config user.name 'k8s-team-ci (CDK Bot)'
+fi
 
 # Apply strict patch
 git am "${DIR}/0001-Strict-patch.patch"

From f55f6f8022aa47b49e703f440d6a6d8f1886f579 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Maciek=20Go=C5=82aszewski?=
 <maciej.golaszewski@canonical.com>
Date: Tue, 17 Sep 2024 21:20:58 +0200
Subject: [PATCH 42/45] Warnings that k8s service may not work (#657)

Warnings that k8s service may not work (#657)
KU-1475
---
 src/k8s/cmd/k8s/hooks.go            | 35 ++++++++++++++++++
 src/k8s/cmd/k8s/k8s_bootstrap.go    |  2 +-
 src/k8s/cmd/k8s/k8s_join_cluster.go |  2 +-
 src/k8s/cmd/util/hooks.go           | 56 +++++++++++++++++++++++++++++
 4 files changed, 93 insertions(+), 2 deletions(-)
 create mode 100644 src/k8s/cmd/util/hooks.go

diff --git a/src/k8s/cmd/k8s/hooks.go b/src/k8s/cmd/k8s/hooks.go
index 481d63df6..6b97bd16d 100644
--- a/src/k8s/cmd/k8s/hooks.go
+++ b/src/k8s/cmd/k8s/hooks.go
@@ -2,6 +2,7 @@ package k8s
 
 import (
 	cmdutil "github.com/canonical/k8s/cmd/util"
+
 	"github.com/spf13/cobra"
 )
 
@@ -34,3 +35,37 @@ func hookInitializeFormatter(env cmdutil.ExecutionEnvironment, format *string) f
 		}
 	}
 }
+
+// hookCheckLXD verifies the ownership of directories needed for Kubernetes to function.
+// If a potential issue is detected, it displays a warning to the user.
+func hookCheckLXD() func(*cobra.Command, []string) {
+	return func(cmd *cobra.Command, args []string) {
+		// pathsOwnershipCheck paths to validate root is the owner
+		var pathsOwnershipCheck = []string{"/sys", "/proc", "/dev/kmsg"}
+		inLXD, err := cmdutil.InLXDContainer()
+		if err != nil {
+			cmd.PrintErrf("Failed to check if running inside LXD container: %s", err.Error())
+			return
+		}
+		if inLXD {
+			var errMsgs []string
+			for _, pathToCheck := range pathsOwnershipCheck {
+				if err = cmdutil.ValidateRootOwnership(pathToCheck); err != nil {
+					errMsgs = append(errMsgs, err.Error())
+				}
+			}
+			if len(errMsgs) > 0 {
+				if debug, _ := cmd.Flags().GetBool("debug"); debug {
+					cmd.PrintErrln("Warning: When validating required resources potential issues found:")
+					for _, errMsg := range errMsgs {
+						cmd.PrintErrln("\t", errMsg)
+					}
+				}
+				cmd.PrintErrln("The lxc profile for Canonical Kubernetes might be missing.")
+				cmd.PrintErrln("For running k8s inside LXD container refer to " +
+					"https://documentation.ubuntu.com/canonical-kubernetes/latest/snap/howto/install/lxd/")
+			}
+		}
+		return
+	}
+}
diff --git a/src/k8s/cmd/k8s/k8s_bootstrap.go b/src/k8s/cmd/k8s/k8s_bootstrap.go
index b4243d824..5510ed34e 100644
--- a/src/k8s/cmd/k8s/k8s_bootstrap.go
+++ b/src/k8s/cmd/k8s/k8s_bootstrap.go
@@ -45,7 +45,7 @@ func newBootstrapCmd(env cmdutil.ExecutionEnvironment) *cobra.Command {
 		Use:    "bootstrap",
 		Short:  "Bootstrap a new Kubernetes cluster",
 		Long:   "Generate certificates, configure service arguments and start the Kubernetes services.",
-		PreRun: chainPreRunHooks(hookRequireRoot(env), hookInitializeFormatter(env, &opts.outputFormat)),
+		PreRun: chainPreRunHooks(hookRequireRoot(env), hookInitializeFormatter(env, &opts.outputFormat), hookCheckLXD()),
 		Run: func(cmd *cobra.Command, args []string) {
 			if opts.interactive && opts.configFile != "" {
 				cmd.PrintErrln("Error: --interactive and --file flags cannot be set at the same time.")
diff --git a/src/k8s/cmd/k8s/k8s_join_cluster.go b/src/k8s/cmd/k8s/k8s_join_cluster.go
index 7507fedcb..4cd5bfe6d 100644
--- a/src/k8s/cmd/k8s/k8s_join_cluster.go
+++ b/src/k8s/cmd/k8s/k8s_join_cluster.go
@@ -32,7 +32,7 @@ func newJoinClusterCmd(env cmdutil.ExecutionEnvironment) *cobra.Command {
 	cmd := &cobra.Command{
 		Use:    "join-cluster <join-token>",
 		Short:  "Join a cluster using the provided token",
-		PreRun: chainPreRunHooks(hookRequireRoot(env), hookInitializeFormatter(env, &opts.outputFormat)),
+		PreRun: chainPreRunHooks(hookRequireRoot(env), hookInitializeFormatter(env, &opts.outputFormat), hookCheckLXD()),
 		Args:   cmdutil.ExactArgs(env, 1),
 		Run: func(cmd *cobra.Command, args []string) {
 			token := args[0]
diff --git a/src/k8s/cmd/util/hooks.go b/src/k8s/cmd/util/hooks.go
new file mode 100644
index 000000000..a02dc64c3
--- /dev/null
+++ b/src/k8s/cmd/util/hooks.go
@@ -0,0 +1,56 @@
+package cmdutil
+
+import (
+	"fmt"
+	"os"
+	"strings"
+	"syscall"
+)
+
+// getFileOwnerAndGroup retrieves the UID and GID of a file.
+func getFileOwnerAndGroup(filePath string) (uid, gid uint32, err error) {
+	// Get file info using os.Stat
+	fileInfo, err := os.Stat(filePath)
+	if err != nil {
+		return 0, 0, fmt.Errorf("error getting file info: %w", err)
+	}
+	// Convert the fileInfo.Sys() to syscall.Stat_t to access UID and GID
+	stat, ok := fileInfo.Sys().(*syscall.Stat_t)
+	if !ok {
+		return 0, 0, fmt.Errorf("failed to cast to syscall.Stat_t")
+	}
+	// Return the UID and GID
+	return stat.Uid, stat.Gid, nil
+}
+
+// ValidateRootOwnership checks if the specified path is owned by the root user and root group.
+func ValidateRootOwnership(path string) (err error) {
+	UID, GID, err := getFileOwnerAndGroup(path)
+	if err != nil {
+		return err
+	}
+	if UID != 0 {
+		return fmt.Errorf("owner of %s is user with UID %d expected 0", path, UID)
+	}
+	if GID != 0 {
+		return fmt.Errorf("owner of %s is group with GID %d expected 0", path, GID)
+	}
+	return nil
+}
+
+// InLXDContainer checks if k8s runs in a lxd container.
+func InLXDContainer() (isLXD bool, err error) {
+	initialProcessEnvironmentVariables := "/proc/1/environ"
+	content, err := os.ReadFile(initialProcessEnvironmentVariables)
+	if err != nil {
+		// if the permission to file is missing we still want to display info about lxd
+		if os.IsPermission(err) {
+			return true, fmt.Errorf("cannnot access %s to check if runing in LXD container: %w", initialProcessEnvironmentVariables, err)
+		}
+		return false, fmt.Errorf("cannnot read %s to check if runing in LXD container: %w", initialProcessEnvironmentVariables, err)
+	}
+	if strings.Contains(string(content), "container=lxc") {
+		return true, nil
+	}
+	return false, nil
+}

From cbcbcfc5f02471dd8ee40767c1a2c911b2e52e30 Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Wed, 18 Sep 2024 11:16:43 +0100
Subject: [PATCH 43/45] link epa pages, fix nav

---
 docs/src/snap/explanation/epa.md | 8 +++++---
 docs/src/snap/howto/index.md     | 2 +-
 2 files changed, 6 insertions(+), 4 deletions(-)

diff --git a/docs/src/snap/explanation/epa.md b/docs/src/snap/explanation/epa.md
index a0884df55..b4bcaccc1 100644
--- a/docs/src/snap/explanation/epa.md
+++ b/docs/src/snap/explanation/epa.md
@@ -27,9 +27,10 @@ capabilities. This document provides a detailed guide of how EPA applies to
    performance and reducing latency.
 
 This document provides relevant links to detailed instructions for setting up
-and installing these technologies. It is designed for developers
-and architects who wish to integrate these new technologies into their
-{{product}}-based networking solutions. 
+and installing these technologies. It is designed for developers and architects
+who wish to integrate these new technologies into their {{product}}-based
+networking solutions. The separate [how to guide][howto-epa] for EPA includes the
+necessary steps to implement these features on {{product}}.
 
 ## HugePages 
 
@@ -542,3 +543,4 @@ components and their roles:
 <!-- LINKS -->
 
 [no_hz]: https://www.kernel.org/doc/Documentation/timers/NO_HZ.txt
+[howto-epa]: /snap/howto/epa
diff --git a/docs/src/snap/howto/index.md b/docs/src/snap/howto/index.md
index 45c18485c..3ae545030 100644
--- a/docs/src/snap/howto/index.md
+++ b/docs/src/snap/howto/index.md
@@ -19,10 +19,10 @@ networking/index
 storage/index
 external-datastore
 proxy
-epa
 backup-restore
 refresh-certs
 restore-quorum
+epa
 contribute
 support
 ```

From 40937463329479b1b2c9b761fc24dcb9d67f8aac Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Wed, 18 Sep 2024 11:21:37 +0100
Subject: [PATCH 44/45] address review comments

---
 docs/src/snap/howto/epa.md | 46 +++++++++++++++++++-------------------
 1 file changed, 23 insertions(+), 23 deletions(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index c3e92f49b..ed960a6ff 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -415,7 +415,7 @@ EPA capabilities.
 1. [Install the snap][install-link] from the relevant [channel][channel]. 
    
    ```{note}
-   A pre-release channel is required currently until there is a finalised release of {{product}}.
+   A pre-release channel is required currently until there is a stable release of {{product}}.
    ```
 
    For example:
@@ -1102,28 +1102,28 @@ the correct PCI address:
 
 ```
 ...
-                  k8s.v1.cni.cncf.io/network-status:
-                    [{
-                        "name": "k8s-pod-network",
-                        "ips": [
-                            "10.1.17.141"
-                        ],
-                        "default": true,
-                        "dns": {}
-                    },{
-                        "name": "default/dpdk-net1",
-                        "interface": "net1",
-                        "mac": "26:e4:aa:f4:ce:ba",
-                        "dns": {},
-                        "device-info": {
-                            "type": "pci",
-                            "version": "1.1.0",
-                            "pci": {
-                                "pci-address": "0000:98:1f.2"
-                            }
-                        }
-                    }]
-                  k8s.v1.cni.cncf.io/networks: dpdk-net1
+    k8s.v1.cni.cncf.io/network-status:
+      [{
+          "name": "k8s-pod-network",
+          "ips": [
+              "10.1.17.141"
+          ],
+          "default": true,
+          "dns": {}
+      },{
+          "name": "default/dpdk-net1",
+          "interface": "net1",
+          "mac": "26:e4:aa:f4:ce:ba",
+          "dns": {},
+          "device-info": {
+              "type": "pci",
+              "version": "1.1.0",
+              "pci": {
+                  "pci-address": "0000:98:1f.2"
+              }
+          }
+      }]
+    k8s.v1.cni.cncf.io/networks: dpdk-net1
 ...
 
 ```

From 7554a0fb4f173518c8a0fc30fb488f729281616f Mon Sep 17 00:00:00 2001
From: Nick Veitch <nick.veitch@canonical.com>
Date: Wed, 18 Sep 2024 11:25:28 +0100
Subject: [PATCH 45/45] lint

---
 docs/src/snap/howto/epa.md | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/docs/src/snap/howto/epa.md b/docs/src/snap/howto/epa.md
index ed960a6ff..50e6b4783 100644
--- a/docs/src/snap/howto/epa.md
+++ b/docs/src/snap/howto/epa.md
@@ -1,7 +1,8 @@
 # How to set up Enhanced Platform Awareness
 
 This section explains how to set up the Enhanced Platform Awareness (EPA)
-features in a {{product}} cluster. Please see the [EPA explanation page][explain-epa] for details about how EPA applies to {{product}}.
+features in a {{product}} cluster. Please see the [EPA explanation
+page][explain-epa] for details about how EPA applies to {{product}}.
 
 The content starts with the setup of the environment (including steps for using
 [MAAS][MAAS]). Then the setup of {{product}}, including the Multus & SR-IOV/DPDK