Obs/bin/GMA/GMATenantJson.psm1
##------------------------------------------------------------------ ## <copyright file="GMATenantJson.psm1" company="Microsoft"> ## Copyright (C) Microsoft. All rights reserved. ## </copyright> ##------------------------------------------------------------------ $azureStackNugetPath = Get-ASArtifactPath -NugetName "Microsoft.AzureStack.Solution.Deploy.CloudDeployment" Import-Module (Join-Path $azureStackNugetPath "content\roles\common\RoleHelpers.psm1") -Verbose:$false class GMATenantJson { <# .SYNOPSIS Creates multi tenant json configs for setting up the Observability (Telemetry, Diagnostics, Health, Security and Metrics) pipeline. .EXAMPLE [GMATenantJson]::GenerateMultiTenantJsonConfigsForObservability($Parameters) .PARAMETER Parameters The ECE role parameters for this interface. #> static GenerateMultiTenantJsonConfigsForObservability([CloudEngine.Configurations.EceInterfaceParameters] $Parameters) { $ErrorActionPreference = "Stop" ## For classes in PS, we need to use the call stack to get the current executing function. $functionName = $(Get-PSCallStack)[0].FunctionName $gmaNugetName = "Microsoft.AzureStack.Observability.GenevaMonitoringAgent" $gmaPackageContentPath = Join-Path $(Get-ASArtifactPath -NugetName $gmaNugetName) -ChildPath "content" Import-Module "$gmaPackageContentPath\GMATenantJsonHelper.psm1" -DisableNameChecking ## Get PhysicalDriveLetter to place GMA cache folder $PhysicalDriveLetter = $Parameters.Roles["GMATenantJson"].PublicConfiguration.PublicInfo.PhysicalDriveLetter $volumeName = "${PhysicalDriveLetter}:" ## GMA cache folder path $gmaCacheFolderName = $Parameters.Roles["GMATenantJson"].PublicConfiguration.PublicInfo.GMACacheFolderName $gmaCacheFolderPath = Join-Path -Path $volumeName -ChildPath $gmaCacheFolderName Trace-Execution "$functionName : GMACacheFolderPath - $gmaCacheFolderPath" # Get StreamingDataClient value $streamingDataClient =[System.Convert]::ToBoolean($Parameters.Roles["GMATenantJson"].PublicConfiguration.PublicInfo.StreamingDataClient) Trace-Execution "$functionName : StreamingDataClient - $streamingDataClient" $gcsRegionName = $Parameters.Roles["Cloud"].PublicConfiguration.PublicInfo.RegistrationRegion Trace-Execution "$functionName : GCSRegionName - $gcsRegionName" ## Determine GcsEnvironment $gcsEnvironment = "Prod" ## default environment ## Check if the reg key created for CI exists or not, if yes then change the GCSEnvironment to point to PPE. if (Test-RegKeyExists -Path "HKLM:\Software\Microsoft\SQMClient\" -Name "IsCIEnv") { $gcsEnvironment = "Ppe" } Trace-Execution "$functionName : GCSEnvironment - $gcsEnvironment" ## Fetch the clusterName $managementClusterName = $Parameters.Roles["Cluster"].PublicConfiguration.Clusters.Node | ` Where-Object { $_.IsManagementCluster -ieq "true"} | ` Select-Object -ExpandProperty Name if(-not $managementClusterName) { $errorMessage = "$functionName : ManagementClusterName not found in Cloud config." Trace-Error $errorMessage throw $errorMessage } Trace-Execution "$functionName : ManagementClusterName - $managementClusterName" $assemblyVersion = $Parameters.Roles["GMATenantJson"].PublicConfiguration.PublicInfo.Version Trace-Execution "$functionName : AssemblyVersion - $assemblyVersion" Set-GlobalEnvironmentVariable -EnvVariableName "ASSEMBLY_BUILD_VERSION" -EnvVariableValue $assemblyVersion Trace-Execution "$functionName : ASSEMBLY_BUILD_VERSION Environment variable set to - $assemblyVersion" Set-GlobalEnvironmentVariable -EnvVariableName "CLUSTER_NAME" -EnvVariableValue $managementClusterName Trace-Execution "$functionName : CLUSTER_NAME Environment variable set to - $env:CLUSTER_NAME" # Get StampID, NodeId, and DeviceArmResourceUri $azureStackHciDetails = Get-AzureStackHCI $deviceArmResourceUri = $azureStackHciDetails.AzureResourceUri $StampId = $azureStackHciDetails.AzureResourceName $nodeId = $StampId + "-" + (Get-ClusterNode(hostname)).Id Set-GlobalEnvironmentVariable -EnvVariableName "HCI_RESOURCE_URI" -EnvVariableValue $deviceArmResourceUri Trace-Execution "$functionName : HCI_RESOURCE_URI Environment variable set to - $env:HCI_RESOURCE_URI" # Disable telemetry if either diagnostic level is Off or StreamingDataClient value is False. $diagnosticLevel = [System.Convert]::ToString($azureStackHciDetails.DiagnosticLevel).ToLower() $telemetryEnabled = $true if ($diagnosticLevel -eq "off" -or $StreamingDataClient -eq $false) { $telemetryEnabled = $false } try { Trace-Execution "$functionName : Observability tasks will now run on node $($env:COMPUTERNAME)." $envInfoFilePath = "$GmaPackageContentPath\EnvironmentInfo.json" $tenantInfoContent = Get-Content $envInfoFilePath -Raw | ConvertFrom-Json $envInfo = $tenantInfoContent.$GcsEnvironment $configTypes = @("Telemetry", "Diagnostics", "Health", "Security", "Metrics") foreach($configType in $configTypes) { ## Based on the config type, initialize dynamic variables. $envInfoFilePath = "$GmaPackageContentPath\EnvironmentInfo.json" $tenantInfoContent = Get-Content $envInfoFilePath -Raw | ConvertFrom-Json $envInfo = $tenantInfoContent.$GcsEnvironment $arcAgentResourceInfo = Get-ArcAgentResourceInfo $arcAgentResourceId = Get-ArcAgentResourceId -ArcAgentInfo $arcAgentResourceInfo $gcsEndpoint = $envInfo.EndPoint $gcsAccount = $envInfo.Account $gcsNameSpace = $envInfo.Namespaces.$configType if ($configType -eq "Metrics") { $gcsNameSpace = Get-MetricsNamespaceRegionMapping -MetricsNamespace $envInfo.Namespaces.$configType -Region $arcAgentResourceInfo.Location $metricsShoeboxAccount = Get-MetricsShoeboxAccountName -ShoeboxAccountPrefix $envInfo.ShoeboxAccountPrefix -MetricsNamespace $envInfo.Namespaces.$configType -Region $arcAgentResourceInfo.Location } $genevaConfigVersion = $envInfo.ConfigVersion $jsonConfigFileName = "AEO" + $configType + ".json" $jsonDropLocation = Join-Path -Path $GMACacheFolderPath -ChildPath "JsonDropLocation" $tenantJsonFilePath = Join-Path -Path $jsonDropLocation -ChildPath $jsonConfigFileName $cacheLocalPath = Join-Path -Path $GMACacheFolderPath -ChildPath $($configType + "Cache") Trace-Execution "$functionName : Multi-Tenant Json will be created for Observability-$configType under $gcsRegionName region and $gcsEnvironment environment on $($env:COMPUTERNAME)." Set-TenantConfigRegistryKeys ` -ConfigType $configType ` -Version "1.0" ` -GcsAuthIdType "AuthMSIToken" ` -GcsEnvironment $gcsEndpoint ` -GcsGenevaAccount $gcsAccount ` -GcsNamespace $gcsNameSpace ` -GcsRegion $gcsRegionName ` -GenevaConfigVersion $genevaConfigVersion ` -LocalPath $cacheLocalPath ` -DisableUpdate "true" ` -DisableCustomImds "true" ` -MONITORING_AEO_REGION $gcsRegionName ` -MONITORING_AEO_DEVICE_ARM_RESOURCE_URI $deviceArmResourceUri ` -MONITORING_AEO_STAMPID $StampId ` -MONITORING_AEO_CLUSTER_NAME $managementClusterName ` -MONITORING_AEO_OSBUILD (Get-OSBuildVersion) ` -MONITORING_AEO_ASSEMBLYBUILD $assemblyVersion ` -MONITORING_AEO_NODEID $nodeId ` -MONITORING_AEO_NODE_ARC_RESOURCE_URI $arcAgentResourceId ` -MONITORING_AEO_CLUSTER_NODE_NAME "%COMPUTERNAME%" # Conditionally create the security tenant json to enable/disable secuirty MA namespace. # In Deployment it is always disabled. In Scale-Out and Update it can be either enabled or disabled. if ($configType -ieq "Security") { if (-not $Parameters.Roles.Contains("SyslogForwarder")) { Trace-Execution "Will not create new Security tenant config. SyslogForwarder role configuration not found." continue } $syslogForwarderRole = $Parameters.Roles["SyslogForwarder"].PublicConfiguration try { $syslogEnabled = [System.Convert]::ToBoolean($syslogForwarderRole.PublicInfo.SyslogEnabled) } catch { Trace-Execution "Failed to retrieve SyslogForwarder enabling state: $_. SyslogForwarder configuration state: $($syslogForwarderRole.PublicInfo.SyslogEnabled)" continue } if (-not $syslogEnabled) { Trace-Execution "Will not create new Security tenant config when SyslogForwarder is disabled" continue } } & "$gmaPackageContentPath\NewMultiTenantJsonForObservabilityGMA.ps1" ` -ConfigType $configType ` -TenantJsonFilePath $tenantJsonFilePath ` -TelemetryEnabled $telemetryEnabled ` -LogFile $logFile } $taskName = "Get-TelemetryStatusAndEditConfigsInJsonDropLocation" $description = "Runs every hour to fetch telemetry status and based on that either adds or removes Telemetry config from JsonDropLocation" $scriptPath = "$gmaPackageContentPath\GetTelemetryStatusAndEditConfigs.ps1" $telemetryGcsNamespace = $envInfo.Namespaces.Telemetry # Need to convert StreamingDataClient to int as arguments are sent as string. # If just True or False is sent as string, it doesn't implicitly convert it to Boolean, but it is able to convert 0 and 1 to boolean. $scriptArguments = "-TaskName `'$taskName`' -GMACacheFolderPath `'$GMACacheFolderPath`' -GMAPackageContentPath `'$gmaPackageContentPath`' -StreamingDataClient $([System.Convert]::ToInt16($streamingDataClient)) -GcsNamespace `'$telemetryGcsNameSpace`'" Trace-Execution "$functionName : ScheduledTask to fetch Telemetry status and Edit configs based on it will be created now on $($env:COMPUTERNAME)." New-ScheduledTaskForObservability $taskName $description $scriptPath $scriptArguments } catch { if ($null -eq (Get-Command Get-ExceptionDetails -ErrorAction SilentlyContinue)) { Import-Module "$gmaPackageContentPath\GMATenantJsonHelper.psm1" -Force } $customErrorMessage = "$functionName : Could not run Observability tasks on node $($env:COMPUTERNAME) due to following error: " $customErrorMessage += Get-ExceptionDetails -ErrorObject $_ Trace-Error $customErrorMessage throw } } <# .SYNOPSIS Evaluation function to identify what type of GMA configuration action to use. Following are the cases involved during evaluation : case 1 : If the interface is invoked in case of Deployment then run configuration on all nodes. case 2 : If the interface is invoked in case of AddNode or RepairNode then run configuration on only that node. .EXAMPLE [GMATenantJson]::EvaluateGMAConfigurationType($Parameters) .PARAMETER Parameters The ECE role parameters for this interface. #> static [CloudEngine.Actions.ConditionalActionDescription] EvaluateGMAConfigurationType([CloudEngine.Configurations.EceInterfaceParameters] $Parameters) { $ErrorActionPreference = "Stop" ## For classes in PS, we need to use the call stack to get the current executing function. $functionName = $(Get-PSCallStack)[0].FunctionName try { $cloudRolePath = "GMATenantJson" $gmaConfigOnAllNodes = "ConfigureGMAOnAllNodes" $gmaConfigOnOneNode = "ConfigureGMAOnOneNode" $gmaConfigOnAllNodesAction = [CloudEngine.Actions.ConditionalActionDescription]::CreateWithDefinedAction($cloudRolePath, $gmaConfigOnAllNodes) $gmaConfigOnOneNodeAction = [CloudEngine.Actions.ConditionalActionDescription]::CreateWithDefinedAction($cloudRolePath, $gmaConfigOnOneNode) $nodeName = Get-ExecutionContextNodeName -Parameters $Parameters if($null -ne $nodeName) { # In add node or repair node case, ExecutionContextNodeName should have exactly one value. Trace-Execution "Execution context node was determined. GMA will be configured on $nodeName only." return $gmaConfigOnOneNodeAction } # In regular deployment case, ExecutionContextNodeName will be null. Trace-Execution "No exceution context node was determined. GMA will be configured on all the nodes." return $gmaConfigOnAllNodesAction } catch { Trace-Error "$functionName :Failed to evaluate GMA configuration type on node $($env:COMPUTERNAME) due to following error : $_" throw } } } # SIG # Begin signature block # MIIoPAYJKoZIhvcNAQcCoIIoLTCCKCkCAQExDzANBglghkgBZQMEAgEFADB5Bgor # BgEEAYI3AgEEoGswaTA0BgorBgEEAYI3AgEeMCYCAwEAAAQQH8w7YFlLCE63JNLG # KX7zUQIBAAIBAAIBAAIBAAIBADAxMA0GCWCGSAFlAwQCAQUABCB/7Wu/z0Qn2INm # 57fZEBAhMvA6PWZ9HGCJuAK4M+1rTKCCDYUwggYDMIID66ADAgECAhMzAAADri01 # UchTj1UdAAAAAAOuMA0GCSqGSIb3DQEBCwUAMH4xCzAJBgNVBAYTAlVTMRMwEQYD # VQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01pY3Jvc29mdCBDb2RlIFNpZ25p # bmcgUENBIDIwMTEwHhcNMjMxMTE2MTkwODU5WhcNMjQxMTE0MTkwODU5WjB0MQsw # CQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9u # ZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMR4wHAYDVQQDExVNaWNy # b3NvZnQgQ29ycG9yYXRpb24wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB # AQD0IPymNjfDEKg+YyE6SjDvJwKW1+pieqTjAY0CnOHZ1Nj5irGjNZPMlQ4HfxXG # yAVCZcEWE4x2sZgam872R1s0+TAelOtbqFmoW4suJHAYoTHhkznNVKpscm5fZ899 # QnReZv5WtWwbD8HAFXbPPStW2JKCqPcZ54Y6wbuWV9bKtKPImqbkMcTejTgEAj82 # 6GQc6/Th66Koka8cUIvz59e/IP04DGrh9wkq2jIFvQ8EDegw1B4KyJTIs76+hmpV # M5SwBZjRs3liOQrierkNVo11WuujB3kBf2CbPoP9MlOyyezqkMIbTRj4OHeKlamd # WaSFhwHLJRIQpfc8sLwOSIBBAgMBAAGjggGCMIIBfjAfBgNVHSUEGDAWBgorBgEE # AYI3TAgBBggrBgEFBQcDAzAdBgNVHQ4EFgQUhx/vdKmXhwc4WiWXbsf0I53h8T8w # VAYDVR0RBE0wS6RJMEcxLTArBgNVBAsTJE1pY3Jvc29mdCBJcmVsYW5kIE9wZXJh # dGlvbnMgTGltaXRlZDEWMBQGA1UEBRMNMjMwMDEyKzUwMTgzNjAfBgNVHSMEGDAW # gBRIbmTlUAXTgqoXNzcitW2oynUClTBUBgNVHR8ETTBLMEmgR6BFhkNodHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpb3BzL2NybC9NaWNDb2RTaWdQQ0EyMDExXzIw # MTEtMDctMDguY3JsMGEGCCsGAQUFBwEBBFUwUzBRBggrBgEFBQcwAoZFaHR0cDov # L3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9jZXJ0cy9NaWNDb2RTaWdQQ0EyMDEx # XzIwMTEtMDctMDguY3J0MAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQELBQADggIB # AGrJYDUS7s8o0yNprGXRXuAnRcHKxSjFmW4wclcUTYsQZkhnbMwthWM6cAYb/h2W # 5GNKtlmj/y/CThe3y/o0EH2h+jwfU/9eJ0fK1ZO/2WD0xi777qU+a7l8KjMPdwjY # 0tk9bYEGEZfYPRHy1AGPQVuZlG4i5ymJDsMrcIcqV8pxzsw/yk/O4y/nlOjHz4oV # APU0br5t9tgD8E08GSDi3I6H57Ftod9w26h0MlQiOr10Xqhr5iPLS7SlQwj8HW37 # ybqsmjQpKhmWul6xiXSNGGm36GarHy4Q1egYlxhlUnk3ZKSr3QtWIo1GGL03hT57 # xzjL25fKiZQX/q+II8nuG5M0Qmjvl6Egltr4hZ3e3FQRzRHfLoNPq3ELpxbWdH8t # Nuj0j/x9Crnfwbki8n57mJKI5JVWRWTSLmbTcDDLkTZlJLg9V1BIJwXGY3i2kR9i # 5HsADL8YlW0gMWVSlKB1eiSlK6LmFi0rVH16dde+j5T/EaQtFz6qngN7d1lvO7uk # 6rtX+MLKG4LDRsQgBTi6sIYiKntMjoYFHMPvI/OMUip5ljtLitVbkFGfagSqmbxK # 7rJMhC8wiTzHanBg1Rrbff1niBbnFbbV4UDmYumjs1FIpFCazk6AADXxoKCo5TsO # zSHqr9gHgGYQC2hMyX9MGLIpowYCURx3L7kUiGbOiMwaMIIHejCCBWKgAwIBAgIK # YQ6Q0gAAAAAAAzANBgkqhkiG9w0BAQsFADCBiDELMAkGA1UEBhMCVVMxEzARBgNV # BAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jv # c29mdCBDb3Jwb3JhdGlvbjEyMDAGA1UEAxMpTWljcm9zb2Z0IFJvb3QgQ2VydGlm # aWNhdGUgQXV0aG9yaXR5IDIwMTEwHhcNMTEwNzA4MjA1OTA5WhcNMjYwNzA4MjEw # OTA5WjB+MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UE # BxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSgwJgYD # VQQDEx9NaWNyb3NvZnQgQ29kZSBTaWduaW5nIFBDQSAyMDExMIICIjANBgkqhkiG # 9w0BAQEFAAOCAg8AMIICCgKCAgEAq/D6chAcLq3YbqqCEE00uvK2WCGfQhsqa+la # UKq4BjgaBEm6f8MMHt03a8YS2AvwOMKZBrDIOdUBFDFC04kNeWSHfpRgJGyvnkmc # 6Whe0t+bU7IKLMOv2akrrnoJr9eWWcpgGgXpZnboMlImEi/nqwhQz7NEt13YxC4D # dato88tt8zpcoRb0RrrgOGSsbmQ1eKagYw8t00CT+OPeBw3VXHmlSSnnDb6gE3e+ # lD3v++MrWhAfTVYoonpy4BI6t0le2O3tQ5GD2Xuye4Yb2T6xjF3oiU+EGvKhL1nk # kDstrjNYxbc+/jLTswM9sbKvkjh+0p2ALPVOVpEhNSXDOW5kf1O6nA+tGSOEy/S6 # A4aN91/w0FK/jJSHvMAhdCVfGCi2zCcoOCWYOUo2z3yxkq4cI6epZuxhH2rhKEmd # X4jiJV3TIUs+UsS1Vz8kA/DRelsv1SPjcF0PUUZ3s/gA4bysAoJf28AVs70b1FVL # 5zmhD+kjSbwYuER8ReTBw3J64HLnJN+/RpnF78IcV9uDjexNSTCnq47f7Fufr/zd # sGbiwZeBe+3W7UvnSSmnEyimp31ngOaKYnhfsi+E11ecXL93KCjx7W3DKI8sj0A3 # T8HhhUSJxAlMxdSlQy90lfdu+HggWCwTXWCVmj5PM4TasIgX3p5O9JawvEagbJjS # 4NaIjAsCAwEAAaOCAe0wggHpMBAGCSsGAQQBgjcVAQQDAgEAMB0GA1UdDgQWBBRI # bmTlUAXTgqoXNzcitW2oynUClTAZBgkrBgEEAYI3FAIEDB4KAFMAdQBiAEMAQTAL # BgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBRyLToCMZBD # uRQFTuHqp8cx0SOJNDBaBgNVHR8EUzBRME+gTaBLhklodHRwOi8vY3JsLm1pY3Jv # c29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3JsMF4GCCsGAQUFBwEBBFIwUDBOBggrBgEFBQcwAoZCaHR0cDovL3d3 # dy5taWNyb3NvZnQuY29tL3BraS9jZXJ0cy9NaWNSb29DZXJBdXQyMDExXzIwMTFf # MDNfMjIuY3J0MIGfBgNVHSAEgZcwgZQwgZEGCSsGAQQBgjcuAzCBgzA/BggrBgEF # BQcCARYzaHR0cDovL3d3dy5taWNyb3NvZnQuY29tL3BraW9wcy9kb2NzL3ByaW1h # cnljcHMuaHRtMEAGCCsGAQUFBwICMDQeMiAdAEwAZQBnAGEAbABfAHAAbwBsAGkA # YwB5AF8AcwB0AGEAdABlAG0AZQBuAHQALiAdMA0GCSqGSIb3DQEBCwUAA4ICAQBn # 8oalmOBUeRou09h0ZyKbC5YR4WOSmUKWfdJ5DJDBZV8uLD74w3LRbYP+vj/oCso7 # v0epo/Np22O/IjWll11lhJB9i0ZQVdgMknzSGksc8zxCi1LQsP1r4z4HLimb5j0b # pdS1HXeUOeLpZMlEPXh6I/MTfaaQdION9MsmAkYqwooQu6SpBQyb7Wj6aC6VoCo/ # KmtYSWMfCWluWpiW5IP0wI/zRive/DvQvTXvbiWu5a8n7dDd8w6vmSiXmE0OPQvy # CInWH8MyGOLwxS3OW560STkKxgrCxq2u5bLZ2xWIUUVYODJxJxp/sfQn+N4sOiBp # mLJZiWhub6e3dMNABQamASooPoI/E01mC8CzTfXhj38cbxV9Rad25UAqZaPDXVJi # hsMdYzaXht/a8/jyFqGaJ+HNpZfQ7l1jQeNbB5yHPgZ3BtEGsXUfFL5hYbXw3MYb # BL7fQccOKO7eZS/sl/ahXJbYANahRr1Z85elCUtIEJmAH9AAKcWxm6U/RXceNcbS # oqKfenoi+kiVH6v7RyOA9Z74v2u3S5fi63V4GuzqN5l5GEv/1rMjaHXmr/r8i+sL # gOppO6/8MO0ETI7f33VtY5E90Z1WTk+/gFcioXgRMiF670EKsT/7qMykXcGhiJtX # cVZOSEXAQsmbdlsKgEhr/Xmfwb1tbWrJUnMTDXpQzTGCGg0wghoJAgEBMIGVMH4x # CzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRt # b25kMR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xKDAmBgNVBAMTH01p # Y3Jvc29mdCBDb2RlIFNpZ25pbmcgUENBIDIwMTECEzMAAAOuLTVRyFOPVR0AAAAA # A64wDQYJYIZIAWUDBAIBBQCgga4wGQYJKoZIhvcNAQkDMQwGCisGAQQBgjcCAQQw # HAYKKwYBBAGCNwIBCzEOMAwGCisGAQQBgjcCARUwLwYJKoZIhvcNAQkEMSIEIOaf # 1Bl0y3oqW59HY/ngSFtyTwZAtrX/QRLUVqgF7+GVMEIGCisGAQQBgjcCAQwxNDAy # oBSAEgBNAGkAYwByAG8AcwBvAGYAdKEagBhodHRwOi8vd3d3Lm1pY3Jvc29mdC5j # b20wDQYJKoZIhvcNAQEBBQAEggEAEfJC8asMf2tyEPxs1/ZisNHeq5m/rUusE5sR # hWs6R9xj0/cRVZyh+S/bviLJGiquJOlMgnKyHcXy9AG6BJoyq/+N4Vdf3h8kauh5 # C79E3AwWGC0iT98m3NKjdQIJ1QhJny0ypCTpX3v0IRbOr62rIQzZj/WV2T1uw0HS # j/VJ+597c7FBjPU2IlcdoiLhSOGsiF6ciwkHt1WJcBoKg8oYMtS6n807oHE0ucnA # +cD6ADePnplc0zxNDswPEuWoJ2CTxHmL3vQ5kySHVrjJbZjasukM3/nY5XfFyAtv # AL6YpM/+FRxPYgmRFEJrAP1z1A7k6e9H/pXW21ZmHmgKuLOyDKGCF5cwgheTBgor # BgEEAYI3AwMBMYIXgzCCF38GCSqGSIb3DQEHAqCCF3AwghdsAgEDMQ8wDQYJYIZI # AWUDBAIBBQAwggFSBgsqhkiG9w0BCRABBKCCAUEEggE9MIIBOQIBAQYKKwYBBAGE # WQoDATAxMA0GCWCGSAFlAwQCAQUABCDWlXJyjSAVGCiaY14IhIAv1Tp9/jK55E57 # XmGqXK+n1AIGZeeoDKMEGBMyMDI0MDMxMTE4MTgyMi4zOTZaMASAAgH0oIHRpIHO # MIHLMQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMH # UmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQL # ExxNaWNyb3NvZnQgQW1lcmljYSBPcGVyYXRpb25zMScwJQYDVQQLEx5uU2hpZWxk # IFRTUyBFU046OTIwMC0wNUUwLUQ5NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1l # LVN0YW1wIFNlcnZpY2WgghHtMIIHIDCCBQigAwIBAgITMwAAAecujy+TC08b6QAB # AAAB5zANBgkqhkiG9w0BAQsFADB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2Fz # aGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENv # cnBvcmF0aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAx # MDAeFw0yMzEyMDYxODQ1MTlaFw0yNTAzMDUxODQ1MTlaMIHLMQswCQYDVQQGEwJV # UzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UE # ChMVTWljcm9zb2Z0IENvcnBvcmF0aW9uMSUwIwYDVQQLExxNaWNyb3NvZnQgQW1l # cmljYSBPcGVyYXRpb25zMScwJQYDVQQLEx5uU2hpZWxkIFRTUyBFU046OTIwMC0w # NUUwLUQ5NDcxJTAjBgNVBAMTHE1pY3Jvc29mdCBUaW1lLVN0YW1wIFNlcnZpY2Uw # ggIiMA0GCSqGSIb3DQEBAQUAA4ICDwAwggIKAoICAQDCV58v4IuQ659XPM1DtaWM # v9/HRUC5kdiEF89YBP6/Rn7kjqMkZ5ESemf5Eli4CLtQVSefRpF1j7S5LLKisMWO # GRaLcaVbGTfcmI1vMRJ1tzMwCNIoCq/vy8WH8QdV1B/Ab5sK+Q9yIvzGw47TfXPE # 8RlrauwK/e+nWnwMt060akEZiJJz1Vh1LhSYKaiP9Z23EZmGETCWigkKbcuAnhvh # 3yrMa89uBfaeHQZEHGQqdskM48EBcWSWdpiSSBiAxyhHUkbknl9PPztB/SUxzRZj # UzWHg9bf1mqZ0cIiAWC0EjK7ONhlQfKSRHVLKLNPpl3/+UL4Xjc0Yvdqc88gOLUr # /84T9/xK5r82ulvRp2A8/ar9cG4W7650uKaAxRAmgL4hKgIX5/0aIAsbyqJOa6OI # GSF9a+DfXl1LpQPNKR792scF7tjD5WqwIuifS9YUiHMvRLjjKk0SSCV/mpXC0BoP # kk5asfxrrJbCsJePHSOEblpJzRmzaP6OMXwRcrb7TXFQOsTkKuqkWvvYIPvVzC68 # UM+MskLPld1eqdOOMK7Sbbf2tGSZf3+iOwWQMcWXB9gw5gK3AIYK08WkJJuyzPqf # itgubdRCmYr9CVsNOuW+wHDYGhciJDF2LkrjkFUjUcXSIJd9f2ssYitZ9CurGV74 # BQcfrxjvk1L8jvtN7mulIwIDAQABo4IBSTCCAUUwHQYDVR0OBBYEFM/+4JiAnzY4 # dpEf/Zlrh1K73o9YMB8GA1UdIwQYMBaAFJ+nFV0AXmJdg/Tl0mWnG1M1GelyMF8G # A1UdHwRYMFYwVKBSoFCGTmh0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMv # Y3JsL01pY3Jvc29mdCUyMFRpbWUtU3RhbXAlMjBQQ0ElMjAyMDEwKDEpLmNybDBs # BggrBgEFBQcBAQRgMF4wXAYIKwYBBQUHMAKGUGh0dHA6Ly93d3cubWljcm9zb2Z0 # LmNvbS9wa2lvcHMvY2VydHMvTWljcm9zb2Z0JTIwVGltZS1TdGFtcCUyMFBDQSUy # MDIwMTAoMSkuY3J0MAwGA1UdEwEB/wQCMAAwFgYDVR0lAQH/BAwwCgYIKwYBBQUH # AwgwDgYDVR0PAQH/BAQDAgeAMA0GCSqGSIb3DQEBCwUAA4ICAQB0ofDbk+llWi1c # C6nsfie5Jtp09o6b6ARCpvtDPq2KFP+hi+UNNP7LGciKuckqXCmBTFIhfBeGSxvk # 6ycokdQr3815pEOaYWTnHvQ0+8hKy86r1F4rfBu4oHB5cTy08T4ohrG/OYG/B/gN # nz0Ol6v7u/qEjz48zXZ6ZlxKGyZwKmKZWaBd2DYEwzKpdLkBxs6A6enWZR0jY+q5 # FdbV45ghGTKgSr5ECAOnLD4njJwfjIq0mRZWwDZQoXtJSaVHSu2lHQL3YHEFikun # bUTJfNfBDLL7Gv+sTmRiDZky5OAxoLG2gaTfuiFbfpmSfPcgl5COUzfMQnzpKfX6 # +FkI0QQNvuPpWsDU8sR+uni2VmDo7rmqJrom4ihgVNdLaMfNUqvBL5ZiSK1zmaEL # BJ9a+YOjE5pmSarW5sGbn7iVkF2W9JQIOH6tGWLFJS5Hs36zahkoHh8iD963LeGj # ZqkFusKaUW72yMj/yxTeGEDOoIr35kwXxr1Uu+zkur2y+FuNY0oZjppzp95AW1le # hP0xaO+oBV1XfvaCur/B5PVAp2xzrosMEUcAwpJpio+VYfIufGj7meXcGQYWA8Um # r8K6Auo+Jlj8IeFS6lSvKhqQpmdBzAMGqPOQKt1Ow3ZXxehK7vAiim3ZiALlM0K5 # 46k0sZrxdZPgpmz7O8w9gHLuyZAQezCCB3EwggVZoAMCAQICEzMAAAAVxedrngKb # SZkAAAAAABUwDQYJKoZIhvcNAQELBQAwgYgxCzAJBgNVBAYTAlVTMRMwEQYDVQQI # EwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25kMR4wHAYDVQQKExVNaWNyb3Nv # ZnQgQ29ycG9yYXRpb24xMjAwBgNVBAMTKU1pY3Jvc29mdCBSb290IENlcnRpZmlj # YXRlIEF1dGhvcml0eSAyMDEwMB4XDTIxMDkzMDE4MjIyNVoXDTMwMDkzMDE4MzIy # NVowfDELMAkGA1UEBhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcT # B1JlZG1vbmQxHjAcBgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UE # AxMdTWljcm9zb2Z0IFRpbWUtU3RhbXAgUENBIDIwMTAwggIiMA0GCSqGSIb3DQEB # AQUAA4ICDwAwggIKAoICAQDk4aZM57RyIQt5osvXJHm9DtWC0/3unAcH0qlsTnXI # yjVX9gF/bErg4r25PhdgM/9cT8dm95VTcVrifkpa/rg2Z4VGIwy1jRPPdzLAEBjo # YH1qUoNEt6aORmsHFPPFdvWGUNzBRMhxXFExN6AKOG6N7dcP2CZTfDlhAnrEqv1y # aa8dq6z2Nr41JmTamDu6GnszrYBbfowQHJ1S/rboYiXcag/PXfT+jlPP1uyFVk3v # 3byNpOORj7I5LFGc6XBpDco2LXCOMcg1KL3jtIckw+DJj361VI/c+gVVmG1oO5pG # ve2krnopN6zL64NF50ZuyjLVwIYwXE8s4mKyzbnijYjklqwBSru+cakXW2dg3viS # kR4dPf0gz3N9QZpGdc3EXzTdEonW/aUgfX782Z5F37ZyL9t9X4C626p+Nuw2TPYr # bqgSUei/BQOj0XOmTTd0lBw0gg/wEPK3Rxjtp+iZfD9M269ewvPV2HM9Q07BMzlM # jgK8QmguEOqEUUbi0b1qGFphAXPKZ6Je1yh2AuIzGHLXpyDwwvoSCtdjbwzJNmSL # W6CmgyFdXzB0kZSU2LlQ+QuJYfM2BjUYhEfb3BvR/bLUHMVr9lxSUV0S2yW6r1AF # emzFER1y7435UsSFF5PAPBXbGjfHCBUYP3irRbb1Hode2o+eFnJpxq57t7c+auIu # rQIDAQABo4IB3TCCAdkwEgYJKwYBBAGCNxUBBAUCAwEAATAjBgkrBgEEAYI3FQIE # FgQUKqdS/mTEmr6CkTxGNSnPEP8vBO4wHQYDVR0OBBYEFJ+nFV0AXmJdg/Tl0mWn # G1M1GelyMFwGA1UdIARVMFMwUQYMKwYBBAGCN0yDfQEBMEEwPwYIKwYBBQUHAgEW # M2h0dHA6Ly93d3cubWljcm9zb2Z0LmNvbS9wa2lvcHMvRG9jcy9SZXBvc2l0b3J5 # Lmh0bTATBgNVHSUEDDAKBggrBgEFBQcDCDAZBgkrBgEEAYI3FAIEDB4KAFMAdQBi # AEMAQTALBgNVHQ8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAfBgNVHSMEGDAWgBTV # 9lbLj+iiXGJo0T2UkFvXzpoYxDBWBgNVHR8ETzBNMEugSaBHhkVodHRwOi8vY3Js # Lm1pY3Jvc29mdC5jb20vcGtpL2NybC9wcm9kdWN0cy9NaWNSb29DZXJBdXRfMjAx # MC0wNi0yMy5jcmwwWgYIKwYBBQUHAQEETjBMMEoGCCsGAQUFBzAChj5odHRwOi8v # d3d3Lm1pY3Jvc29mdC5jb20vcGtpL2NlcnRzL01pY1Jvb0NlckF1dF8yMDEwLTA2 # LTIzLmNydDANBgkqhkiG9w0BAQsFAAOCAgEAnVV9/Cqt4SwfZwExJFvhnnJL/Klv # 6lwUtj5OR2R4sQaTlz0xM7U518JxNj/aZGx80HU5bbsPMeTCj/ts0aGUGCLu6WZn # OlNN3Zi6th542DYunKmCVgADsAW+iehp4LoJ7nvfam++Kctu2D9IdQHZGN5tggz1 # bSNU5HhTdSRXud2f8449xvNo32X2pFaq95W2KFUn0CS9QKC/GbYSEhFdPSfgQJY4 # rPf5KYnDvBewVIVCs/wMnosZiefwC2qBwoEZQhlSdYo2wh3DYXMuLGt7bj8sCXgU # 6ZGyqVvfSaN0DLzskYDSPeZKPmY7T7uG+jIa2Zb0j/aRAfbOxnT99kxybxCrdTDF # NLB62FD+CljdQDzHVG2dY3RILLFORy3BFARxv2T5JL5zbcqOCb2zAVdJVGTZc9d/ # HltEAY5aGZFrDZ+kKNxnGSgkujhLmm77IVRrakURR6nxt67I6IleT53S0Ex2tVdU # CbFpAUR+fKFhbHP+CrvsQWY9af3LwUFJfn6Tvsv4O+S3Fb+0zj6lMVGEvL8CwYKi # excdFYmNcP7ntdAoGokLjzbaukz5m/8K6TT4JDVnK+ANuOaMmdbhIurwJ0I9JZTm # dHRbatGePu1+oDEzfbzL6Xu/OHBE0ZDxyKs6ijoIYn/ZcGNTTY3ugm2lBRDBcQZq # ELQdVTNYs6FwZvKhggNQMIICOAIBATCB+aGB0aSBzjCByzELMAkGA1UEBhMCVVMx # EzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAcBgNVBAoT # FU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjElMCMGA1UECxMcTWljcm9zb2Z0IEFtZXJp # Y2EgT3BlcmF0aW9uczEnMCUGA1UECxMeblNoaWVsZCBUU1MgRVNOOjkyMDAtMDVF # MC1EOTQ3MSUwIwYDVQQDExxNaWNyb3NvZnQgVGltZS1TdGFtcCBTZXJ2aWNloiMK # AQEwBwYFKw4DAhoDFQCzcgTnGasSwe/dru+cPe1NF/vwQ6CBgzCBgKR+MHwxCzAJ # BgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQHEwdSZWRtb25k # MR4wHAYDVQQKExVNaWNyb3NvZnQgQ29ycG9yYXRpb24xJjAkBgNVBAMTHU1pY3Jv # c29mdCBUaW1lLVN0YW1wIFBDQSAyMDEwMA0GCSqGSIb3DQEBCwUAAgUA6ZlmTjAi # GA8yMDI0MDMxMTExMTUyNloYDzIwMjQwMzEyMTExNTI2WjB3MD0GCisGAQQBhFkK # BAExLzAtMAoCBQDpmWZOAgEAMAoCAQACAg5YAgH/MAcCAQACAhN6MAoCBQDpmrfO # AgEAMDYGCisGAQQBhFkKBAIxKDAmMAwGCisGAQQBhFkKAwKgCjAIAgEAAgMHoSCh # CjAIAgEAAgMBhqAwDQYJKoZIhvcNAQELBQADggEBAJ0sAggHvReZrsmGWyr5uOrk # q70Tum9h4/W79ukcx7zwNjyhOJr4GWooF1EO1v+HqukzoHKoxbrbRL9K9oegYigL # WQonHneHUsodr9OBavxUf8xLOi9b5HNwKqDSf0LiGyxhbkjOj8nyUedzI1YggSsz # ZhivBvprLUm7EpbzWJ8RfQkzTfqWTU5QJVrVrud61TqjY9RRnXjUSpISs7Jo/T0w # pjMOmeyxtiQCMqHiEDJkcP10+xRSyc6Mpvz4sEYCV5sXkBQGH9ZpWYO+JlpQAyST # XnSF3PBE3Eh0eoHj6niKAxHkHpkuoyjEKSubnWulzpXhYk5+pOsT5ASSwwvoNswx # ggQNMIIECQIBATCBkzB8MQswCQYDVQQGEwJVUzETMBEGA1UECBMKV2FzaGluZ3Rv # bjEQMA4GA1UEBxMHUmVkbW9uZDEeMBwGA1UEChMVTWljcm9zb2Z0IENvcnBvcmF0 # aW9uMSYwJAYDVQQDEx1NaWNyb3NvZnQgVGltZS1TdGFtcCBQQ0EgMjAxMAITMwAA # Aecujy+TC08b6QABAAAB5zANBglghkgBZQMEAgEFAKCCAUowGgYJKoZIhvcNAQkD # MQ0GCyqGSIb3DQEJEAEEMC8GCSqGSIb3DQEJBDEiBCCjzoXFOOtEv7aIt74Zh37J # plIALgDhly3uNpgXlV+5KzCB+gYLKoZIhvcNAQkQAi8xgeowgecwgeQwgb0EIOU2 # XQ12aob9DeDFXM9UFHeEX74Fv0ABvQMG7qC51nOtMIGYMIGApH4wfDELMAkGA1UE # BhMCVVMxEzARBgNVBAgTCldhc2hpbmd0b24xEDAOBgNVBAcTB1JlZG1vbmQxHjAc # BgNVBAoTFU1pY3Jvc29mdCBDb3Jwb3JhdGlvbjEmMCQGA1UEAxMdTWljcm9zb2Z0 # IFRpbWUtU3RhbXAgUENBIDIwMTACEzMAAAHnLo8vkwtPG+kAAQAAAecwIgQg34m4 # ksfUasZYdumxjVkqOCSuVDxElk408SFGOVV1FcAwDQYJKoZIhvcNAQELBQAEggIA # tSQIkqK21bW3ja03Z4nWuNSnbUPtmmemu0LvwwNql0UI+wX3jCsuX1+UMuIOTlG8 # P72uk4EwCBvCHKbqH/H3UKHd2XS9oOIivMjX0mvQCb5hkGygzNQ42nO8RIpw0yRG # EM7GoEMuDxPe7gEXDyR/ASVqKrKQsH59a2vK+qjyKaxQUuQCCh+R4LQL2dbqGAXW # miZxIRQKznQi0N9P8+JISa4sQaHw2T2NLizybb6LOYM89nRA9vryGiHjkaGLbFMF # Rlmoexh7lJCKtkVyTpGmrXMbGF3NxxWYwmXgfXjwxgORy+pv92QqfAFozBz3CTHw # 6FibbM/pNJSJSc0foCBXgWfcuLX6Q8FL4ikgf+hcoARb+IIiShUS6Kl1Jns3pumE # fzIYtd4LFjXIRCUqslDd6RKfzTIe8JnQbFvhxcbdFHcMHcA4alVLLetAiJPBoXsH # y4cyIV0Pmtyz5/Zf0cpU+2rpN4F4qi2EbLLkk7qxA6lotX/1Ql1EZFfsEbHzmOC6 # ibdWShict61YVsJlKx5Qjn2FFHEk+S5XQgBM2ZhsOxpLlkDo6A6IXMfU8WjNHrLP # qAmbDc9LZWr4ICfB9zc8TzdaIyQl20prVyLAzF5CvpKztEbaBTgd2TXGEz+BOPc8 # lQ7k+P684gHH4yeyYlydUKPFACFLQo5w1F8viTZS3hU= # SIG # End signature block |