From 0d004a187decef7f97aa24dbc5906d8ca91e9362 Mon Sep 17 00:00:00 2001 From: Maria Bermudez Date: Tue, 4 Sep 2018 08:28:54 -0700 Subject: [PATCH 01/19] Update cc-ee-node-activation.md Incorporating changes made on the kube-net-encryption branch. --- engine/cc-ee-node-activation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/engine/cc-ee-node-activation.md b/engine/cc-ee-node-activation.md index 578e40f39d..2b51b05da9 100644 --- a/engine/cc-ee-node-activation.md +++ b/engine/cc-ee-node-activation.md @@ -32,7 +32,7 @@ Client: Experimental: false Server: Engine: - Version: 18.09.0-ce-tp3 + Version: 18.09.0-ce API version: 1.39 (minimum version 1.12) Go version: go1.10.3 Git commit: ca36ebe From 0c97266483818d29831bb61d89a3338984cbd0f9 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Thu, 6 Sep 2018 18:55:04 -0600 Subject: [PATCH 02/19] Update cc-ee-node-activation.md --- engine/cc-ee-node-activation.md | 20 ++++++++------------ 1 file changed, 8 insertions(+), 12 deletions(-) diff --git a/engine/cc-ee-node-activation.md b/engine/cc-ee-node-activation.md index 2b51b05da9..3ba7220dbd 100644 --- a/engine/cc-ee-node-activation.md +++ b/engine/cc-ee-node-activation.md @@ -4,11 +4,11 @@ keywords: Engine, CE, EE, node activate title: CE-EE Node Activate --- -The Docker Enterprise Engine for Docker `18.09` release introduces a new feature called CE-EE Node Activate, and allows a user to perform an in-place seamless activation of the EE feature-set on a given node through the Docker Command Line Interface (CLI) without a re-install. +The Docker Enterprise Engine for Docker `18.09` release introduces a new feature called CE-EE Node Activate, and allows a user to perform an in-place seamless activation of the EE feature-set on an existing CE node through the Docker Command Line Interface (CLI) without a re-install. -The Docker Enterprise Engine for Docker version must be version `18.09` or higher. +The Docker Commmunity Edition Engine for Docker version must be version `18.09` or higher. -The activation can be performed either online with connection to Docker Hub, or offline with Linux distribution packages. +The activation can be performed either online with connection to Docker Hub, or offline. ## Limitations @@ -40,6 +40,7 @@ Server: OS/Arch: linux/amd64 Experimental: false ``` +**NOTE**: Your output may vary slightly from what is displayed on this page. 2. Log into the Docker engine from the command line. @@ -57,19 +58,11 @@ Login Succeeded 3. Activate the EE license. You must use sudo even if your user is part of the docker group. ``` -root@docker-node:~# sudo docker engine activate --registry-prefix docker.io/dockereng --version 18.09.0-ee +root@docker-node:~# sudo docker engine activate Looking for existing licenses for beluga... NUM OWNER PRODUCT ID EXPIRES PRICING COMPONENTS 0 beluga docker-ee-trial 2018-09-13 21:41:12 +0000 UTC Nodes:10 1 beluga docker-ee-trial 2018-08-31 03:17:15 +0000 UTC Nodes:10 -2 beluga docker-ee 2018-10-14 15:30:01 +0000 UTC Linux (IBM Z) Nodes:20,Linux (x86-64) Nodes:20,Windows (x86-64) Nodes:20 -3 beluga docker-ee-linux 2019-03-19 20:53:37 +0000 UTC Nodes:10 -4 docker docker-ee 2019-05-11 04:33:27 +0000 UTC Linux (IBM Z) Nodes:100,Windows (x86-64) Nodes:100,Linux (PowerPC) Nodes:100,Linux (x86-64) Nodes:100 -5 docker docker-ee 2021-04-01 18:00:17 +0000 UTC Linux (x86-64) Nodes:10,Windows (x86-64) Nodes:10 -6 docker docker-ee-server-oraclelinux 2017-08-12 21:55:40 +0000 UTC Nodes:10 -7 docker docker-ee-linux 2019-06-23 17:02:48 +0000 UTC Nodes:1000 -8 docker docker-ee-server-rhel 2017-05-27 14:04:12 +0000 UTC Nodes:10 -9 docker docker-ee-linux 2019-03-31 07:00:00 +0000 UTC Nodes:10 ``` 4. Pick the license of your choice @@ -80,6 +73,7 @@ waiting for engine to be responsive... engine is online. 5. Check the Docker Enterprise Engine for Docker version. The server engine will now be EE, and the client will stay CE. ``` + root@docker-node:~# docker version Client: Version: 18.09.0-ce @@ -99,3 +93,5 @@ Server: OS/Arch: linux/amd64 Experimental: false ``` + +**NOTE**: Your output may vary slightly from what is displayed on this page. From 5198393293e68fb3cde6549dfd3d6c56a5bad20b Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Fri, 7 Sep 2018 08:00:43 -0600 Subject: [PATCH 03/19] Created file and metadata --- ee/ucp/admin/accessing-vulnerability-data-in-ucp.md | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 ee/ucp/admin/accessing-vulnerability-data-in-ucp.md diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md new file mode 100644 index 0000000000..27ddab9b17 --- /dev/null +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -0,0 +1,6 @@ +--- +title: Accessing vulnerability data in UCP +description: Learn how to access the vulnerability data from DTR in UCP +keywords: ucp, security, vulnerability, scanning, data, dtr, image +--- + From 6bed17a4a4f13715e454127108916d0490add850 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Fri, 7 Sep 2018 08:23:55 -0600 Subject: [PATCH 04/19] Created initial content from template --- .../accessing-vulnerability-data-in-ucp.md | 21 +++++++++++++++++++ 1 file changed, 21 insertions(+) diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md index 27ddab9b17..305becb3d1 100644 --- a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -4,3 +4,24 @@ description: Learn how to access the vulnerability data from DTR in UCP keywords: ucp, security, vulnerability, scanning, data, dtr, image --- +This feature displays image vulnerability data from DTR in the UCP web UI. If an image has a vulnerability detected by DTR's image scanning feature, we will show the number of known vulnerabilities in the UCP web UI everywhere that image is shown (e.g. the image list page, on the service details page for any Swarm services that use that image, etc.). + + +Step-by-Step Process + +1. Deploy UCP +2. Deploy DTR on that UCP cluster. Make sure that you enable single-sign on DTR (you can do this at install time by providing a --dtr-external-url flag to the DTR install command, or you can enable it in the DTR admin settings page after installation). +3. Upload an advanced license in UCP. +4. Push some images to DTR and scan them. +5. Observe their vulnerabilities in the UCP web UI. + +Limitations + +* This feature will only work with DTRs that have UCP single sign-on enabled. +* We do not show vulnerabilities on Kubernetes deployments or daemonsets: they only appear for containers, Swarm services, pods, and images. + +Requirements + +* You must have an advanced license to use this feature. +* DTR must be version 2.6.0 or higher. + From 6458c8caabe407417224b6f884b8a0d5010d8055 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Fri, 7 Sep 2018 11:03:10 -0600 Subject: [PATCH 05/19] Update accessing-vulnerability-data-in-ucp.md Added Beta disclaimer --- ee/ucp/admin/accessing-vulnerability-data-in-ucp.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md index 305becb3d1..36606caed2 100644 --- a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -4,6 +4,10 @@ description: Learn how to access the vulnerability data from DTR in UCP keywords: ucp, security, vulnerability, scanning, data, dtr, image --- +> Beta disclaimer +> +> This is beta content. It is not yet complete and should be considered a work in progress. This content is subject to change without notice. + This feature displays image vulnerability data from DTR in the UCP web UI. If an image has a vulnerability detected by DTR's image scanning feature, we will show the number of known vulnerabilities in the UCP web UI everywhere that image is shown (e.g. the image list page, on the service details page for any Swarm services that use that image, etc.). From d2377bcbe76f71d8bad0eaa4a4f1502b62eb75a2 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Mon, 10 Sep 2018 13:58:11 -0600 Subject: [PATCH 06/19] Delete cc-ee-node-activation.md --- engine/cc-ee-node-activation.md | 97 --------------------------------- 1 file changed, 97 deletions(-) delete mode 100644 engine/cc-ee-node-activation.md diff --git a/engine/cc-ee-node-activation.md b/engine/cc-ee-node-activation.md deleted file mode 100644 index 3ba7220dbd..0000000000 --- a/engine/cc-ee-node-activation.md +++ /dev/null @@ -1,97 +0,0 @@ ---- -description: Engine -keywords: Engine, CE, EE, node activate -title: CE-EE Node Activate ---- - -The Docker Enterprise Engine for Docker `18.09` release introduces a new feature called CE-EE Node Activate, and allows a user to perform an in-place seamless activation of the EE feature-set on an existing CE node through the Docker Command Line Interface (CLI) without a re-install. - -The Docker Commmunity Edition Engine for Docker version must be version `18.09` or higher. - -The activation can be performed either online with connection to Docker Hub, or offline. - -## Limitations - -* This feature is only supported on x86 Linux nodes -* Windows nodes are not currently supported -* Node level Engine activation between CE and EE is only supported in the same version of Docker Enterprise Engine for Docker -* Prior version of the Docker Enterprise Engine for Docker to not support this feature - -## Docker Engine 18.09 CE to EE Node Activation Process - -1. Check the current Docker version. -``` -root@docker-node:~# docker version -Client: - Version: 18.09.0-ce - API version: 1.39 - Go version: go1.10.3 - Git commit: ca36ebe - Built: Thu Aug 23 18:21:56 2018 - OS/Arch: linux/amd64 - Experimental: false -Server: - Engine: - Version: 18.09.0-ce - API version: 1.39 (minimum version 1.12) - Go version: go1.10.3 - Git commit: ca36ebe - Built: - OS/Arch: linux/amd64 - Experimental: false -``` -**NOTE**: Your output may vary slightly from what is displayed on this page. - -2. Log into the Docker engine from the command line. - -``` -root@docker-node:~# docker login -Login with your Docker ID to push and pull images from Docker Hub. If you don't have a Docker ID, head over to https://hub.docker.com to create one. -Username: beluga -Password: -WARNING! Your password will be stored unencrypted in /home/docker/.docker/config.json. -Configure a credential helper to remove this warning. See -https://docs.docker.com/engine/reference/commandline/login/#credentials-store -Login Succeeded -``` - -3. Activate the EE license. You must use sudo even if your user is part of the docker group. - -``` -root@docker-node:~# sudo docker engine activate -Looking for existing licenses for beluga... -NUM OWNER PRODUCT ID EXPIRES PRICING COMPONENTS -0 beluga docker-ee-trial 2018-09-13 21:41:12 +0000 UTC Nodes:10 -1 beluga docker-ee-trial 2018-08-31 03:17:15 +0000 UTC Nodes:10 -``` - -4. Pick the license of your choice -``` -Please pick a license by number: 0 -waiting for engine to be responsive... engine is online. -``` - -5. Check the Docker Enterprise Engine for Docker version. The server engine will now be EE, and the client will stay CE. -``` - -root@docker-node:~# docker version -Client: - Version: 18.09.0-ce - API version: 1.39 - Go version: go1.10.3 - Git commit: ca36ebe - Built: Thu Aug 23 18:21:56 2018 - OS/Arch: linux/amd64 - Experimental: false -Server: - Engine: - Version: 18.09.0-ee-1 - API version: 1.39 (minimum version 1.12) - Go version: go1.10.3 - Git commit: b9e7996 - Built: - OS/Arch: linux/amd64 - Experimental: false -``` - -**NOTE**: Your output may vary slightly from what is displayed on this page. From 61feb6c0b41a433deef48f117d831f1c1269e98d Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Fri, 14 Sep 2018 06:48:41 -0600 Subject: [PATCH 07/19] wording improvement --- .../accessing-vulnerability-data-in-ucp.md | 21 +++++++------------ 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md index 36606caed2..67e5e4bf9a 100644 --- a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -4,21 +4,8 @@ description: Learn how to access the vulnerability data from DTR in UCP keywords: ucp, security, vulnerability, scanning, data, dtr, image --- -> Beta disclaimer -> -> This is beta content. It is not yet complete and should be considered a work in progress. This content is subject to change without notice. - This feature displays image vulnerability data from DTR in the UCP web UI. If an image has a vulnerability detected by DTR's image scanning feature, we will show the number of known vulnerabilities in the UCP web UI everywhere that image is shown (e.g. the image list page, on the service details page for any Swarm services that use that image, etc.). - -Step-by-Step Process - -1. Deploy UCP -2. Deploy DTR on that UCP cluster. Make sure that you enable single-sign on DTR (you can do this at install time by providing a --dtr-external-url flag to the DTR install command, or you can enable it in the DTR admin settings page after installation). -3. Upload an advanced license in UCP. -4. Push some images to DTR and scan them. -5. Observe their vulnerabilities in the UCP web UI. - Limitations * This feature will only work with DTRs that have UCP single sign-on enabled. @@ -29,3 +16,11 @@ Requirements * You must have an advanced license to use this feature. * DTR must be version 2.6.0 or higher. +To access vulnerability data on UCP, run the following steps: + +1. Deploy UCP +2. Deploy DTR on the same UCP cluster +3. (Enable single-sign on DTR)[/datacenter/dtr/2.4/guides/admin/configure/enable-single-sign-on.md] +3. Upload an advanced license in UCP +4. Push some images to DTR and scan them +5. The UCP web UI will display image vulnerabilities From 212753f9f3c2c3011161d666b694839d996b3cb5 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Fri, 14 Sep 2018 07:17:09 -0600 Subject: [PATCH 08/19] Added screenshot --- .../accessing-vulnerability-data-in-ucp.md | 2 ++ ee/ucp/images/example-of-vuln-data-in-ucp.png | Bin 0 -> 47967 bytes 2 files changed, 2 insertions(+) create mode 100644 ee/ucp/images/example-of-vuln-data-in-ucp.png diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md index 67e5e4bf9a..a81ac5a311 100644 --- a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -24,3 +24,5 @@ To access vulnerability data on UCP, run the following steps: 3. Upload an advanced license in UCP 4. Push some images to DTR and scan them 5. The UCP web UI will display image vulnerabilities + +![example of vulnerability information in UCP](/images/example-of-vuln-data-in-ucp.png) diff --git a/ee/ucp/images/example-of-vuln-data-in-ucp.png b/ee/ucp/images/example-of-vuln-data-in-ucp.png new file mode 100644 index 0000000000000000000000000000000000000000..f8bf4d9337b1b3de5b32ec03292369a23ffefa35 GIT binary patch literal 47967 zcmeFZbx>W)(l;EEAb}791b26LcXxMp+XQ#FU?I2#cMrPRxVyW%ZQNa6?tPwfZtltZ z_gD2*y;SXD?V0YL?w;;7zctfqhsw)}!NX$0zIpQoUP4@0@y#1Z_BU@Jf??jiwv4@Z zYk2(!;h-oc_@;aW8~pm^!&h+)hc|EFkpK08c$4xI{goiyLRsBWT}GPI$kv9|z}VK% zgx1yO>nrt}H{7nAua`C^jt2OyHr4fr1jd)Lw1M)w+CO{veNp%`zaRXE^e--b{!=HH$`H@XN!%>razvlK)$YPsl4d&0h5JIFM z<4+R>x2`5wAL_5<*M(-uXW{-q=Qn^x-^H(kl7|2wcQ=8MP!&)$ZKpcUkF zJ`rwPdwa!(l!vTXbE3Zv9THwnpzK4Ii1G>czY_d4;43Kg)&1_V!X`96DiJ&pxL)Dj zsX=yo|2g_BV&OR_SL?jjs(xI#PG$C9pT7yD|JjItpRoop0l_uts@tFs59yOEWoG+h zyXx1oPIh5^jIZ_|bk63vK^k_q+ zlzeLBC)Z{InheYMx*)9q5wNkj%H0^%kZ-}3G@?wwy6ei`J38|?Sr-ho_``mm^_EQv zEoI%6TP5o_-s=2uLbxh1?L&uC4qfKn=ym9SMnIEr8@~G#_+bK!eR9EDdd*qg+nk#f zSPD?J*$Pof%ouc*MG_w_`39|q#&B1zl@uhLpvs?;gbwM39#u?mX`>t|dZep$!Apa* zHSYUJz!WQbAu7rStuelGE`sLpvx4GN{25zyB#fZ8@E|WE*;co2Ux7{r>Ps>;n2s|4 z>AIU#h4euUNW8V_lb+X1ABROqry>aTPv5x$-$Ef4PToFh=U*ls1o3DGMwUfVi3zVQ z)>G2V*CilI#Q2zM1>w}wGM_QW{~$b8aL&?LY;YS_Bax~=S@9&O?~ODqaI31`X5N&C zM)sC&JPPTsn@!5#sB7{p_u*AJx5g5>u%Hl(!G`21P-x=h0RhgaxD7js4PNQSXYObOmNUCW9uQqBpWxz#_+C=IGC76 z0>?t7ItC!HSB8!B&oo+VrO@XWsD3T7y7FhhkR zNg*e6Thz4XySsMWVSTvd=>KM>IvIs_=uQK7ZRSEY4&zh8@T^MI6q(A24*ZH3!+q9T zl&cYrc_2E^jYp_$EF2!gw}WS8cGLFupQ-toT;*ReeFxie=6!W8x4xsS#2+KEMU>we zO%_#U3^)H_9n>vSKT~Kne=L!wdjH!rdj z#2Y0lmq?_Xv7pFe93X+e;oTN=RjYI)a8`Mn?ZrB7p1^~1yHVdWr%DJB(ut=PdcO5X2Mip)VTB80XO>Tm;%Zu>gjuNm7+_-p!Sq zksS|${#Ya}FJF+2jG~i8E%xmzq5g347?HlZ(5ecGac>(k<9;Y2RCt=0bo6DY5D zbX=#F4};INk4>RPdGdGlt|FM%q!*}Pem1rp_9ti|xuv(&w*tpz<6Eq7{x8!o42SNR z`Mi@F{zq88c^gcl|24KBgB8sZ`VVUgwO?UY{6YA{Kco50TNEVzOkDz6ogUZ&tHaHQ%A8v0X*fmf`l3u+<9`5lJ*n@pbI)moGdLDN5V*oJ*o zTw5>h)1NN-@oFus9RbsyI@m+LDqc<}8Sy#I@fh+nN0 z)b9KErw;%BpC(rvh@GVYTYvwaGTtBeoOy9eiTz$NqjA!r|BZuAGrklW;@6IFw*a2> zGz7B%PUyjocuciEFc{$K4aD=b$DL)?;_7+(8_db_kHe50gY2|qY#1ijNHYlQ~H$IEt#OO?sZnLMlCQ3NQM@A zQX?L_4#v|x)|F(sJj~|<57()^F#Py$Fc(LokMGxTyT8)s1-w+tcV0!ygWew+$Iv_4 za<+EW({@%;(Q=?WLFaU!ilhf`aP#Y}PaH@=%dTpWuepF?XtSs)L&d;+v&WNcGFBDH z@ZGlQ9ITIeyi6~#sOet&<;I`J`-_srYQ1e9enw+G8?+AK-P}pC$tULbjHK4@{iVN(tiK;p$e;zvY-?NeC3AB+KqG_;Yca}6Rr6!4@mTO zM%S3FKhMxzF6R>YM}yf)>12_0&rfZ4|0~nDm2c@D_l(0zjkX%lc^Ctrq@)20Sp^P< zL?*1})Nb034@E$XZR(I8F-ODF-$qfVE%(=zj~OX{Dx{>xeO>Je^t^RgXqm<$IvDUT-p{iZure%yZ^x16q2rUK5qbcumybl)XL-u2~E8XWhQ!7Pg#t!arR zKCVo7d5UqV>{wa#Mnn#6wS@WmlU`fznp%lgO-@vcjO>5bjMp;DW2Z6P=@R+SUA%=< z8ODCUh=+iNIr$NwyDSFn=;-hZsi3PYxmUG^-EKJ>rUDXzHf$M#G)gOn!-JK6T%H)o z&1NAikv18P^&v#`Gc9g@@>R^vGlv{v-XPXc2J)6E*(k`{`Ff%Aa-}QfE_Qi|XkmJS zePj@;FdB3@t>n=4&IQV|xszi0TW^>`f$7$s*@1(I*S9@S@5_Yabq{~$f& z9d`C*`>?m2xpcw8Hx10xt;UaB9!`yn;AK@LT31n%s$<(kYVO&p+i|y@Z`wDgxrrqa zBU2`@C%dQul$f6wCatbW3YFu61jSLpElJWD+~CXx=;sxv{$5~DUzFSE-#X3blvs$? z^wyN;Xn@ijfU=)*DifB*UwUOJsyiy0J$rXw&J{ShJiV%(9;3*>C%GoLB&L-*Rje#n z=G~u6Bi$QX*d0p3Ovmi6qlN>M#(D#Q0NMvTbDr8k+3(vqmziKIJ{O)uEsh5JNaU(;yhkBv)IY?pPU?$SN3`6(mYz&IiAQpKLQNcdTl z1*lr7Z=ldVKo4P;T-~}1k4TZGWy(on=`A@VT8!FK+P>@VM;rta?|fMJl$P6qk;Q4b zk|*IHH)bpI7~oN0JAv($InYt@jjkLMD^_kcfb_dpz5TF3+AyYGMcL2l^09AyX}fY( z*Gh9OrG$|-m?fZsoO)#9`%)L=NaL6n^1Ght+^L5slEY?PrTh_L|KYoXO;>ToN1wJ#-4(bxLp3r`4$JPyep6IA*4+O zwU>fY=RXn=bTq8A=s14r{S-2SZ|c;PGOLpAX15@P8KJX6(XfA#EiwJ=f2ur z+9N)=ycKB3ydI z7lnlc1j!%FHfgn+N5>dQ1ydW~509)qUz0l`&RA_&T;SoIXIhe~{*C*6*Wu7bGj)@E z65(EmO?bUai`=Xn_Rgsnh$uB1%p-dH&xeOps&~iTMz47R*h>Wz(WFasHsrOx5(;7u zzcy6j)5ZSi*$)_)FtQzQO$==+X8h9EShM|hv3A;3{gg_2LuEH-tQNznikmNQyy#NY z4eyuQY=|C};X?}w3gs5uIQB((YV+mE$Yk9J!)i2-^+YeKu&3@pwCk1Z#8j^EajKe7 z+E~!k+0})5^bg{C2a-EC9t73|Dzn!dAVakq^}~~0n3Z+;R?BX9ek0M9^obWC_4aI4 zpmqH0d4IvY9ECV=yZkmFq0~0Kn z9ytUuAowK5oxhRY=IHc?(_v6SrSNgKi>0cq&Pq%;4+@q&@=nChGL~xoAzUll49x*D z7UhQm>~t(7g1YN-ydRA|It`-z(LQ}R!Pq+E?k;`8WkjM!d7T&?H-QaQA-3YNMuIyy z`1S|z53E$8QD{pa;B}IOg<}JF?=1qZX~O&XjNwCspRo5b;fkhp!I7&AvfmVy6@Sp% zg%qDyjfFmaQGzPO94hO>7S+CO7Wn!yMl8}` z+`VyvQquiQCKr)~wjMfml7NOGqxZ$M!RTCj;b4TuK3YMKSDwxrox!1WCNeciC|pf_ z^pn>3sFs@@B~A~#RV(LXeYWSZk<;xxt{>cPl(Jg946Q5|y~Bofq?p27SKk$&Otj)L zt0GdebZsQ%bklnHyn0;DIi>CH%K2QlF_REdRJuD>?Ht zVJQ3!py<{bzWE|)&?&AIE#3?VwA^oZ_B``7VJyDcoVBd|n4Bw4ReRn2_`@~2ufA(d z%fU(uaMDD01uj&7XHi>=#<{xqx=9r@U(#AfBJzlQyP$DvyOA^5$|1A|V|mhdvJkrw zsOT^u0nQg4`=qTAFwWFCFJT+U*pZQN&kkU5*=r%&rQZB@pjv~I}EH}LaIee(VR?u3kp>@ z*pv4JUDU6Yf0EW@M}vkvJ~@S(6KJfl;AS;n)0b;(N*aC``7#kGl|ie(XUH%72pU7@ zrZvXP&m5&YRcMIJ8QohM7SRYTvB23|0lG*(4O@ALBbPPo)yxif{L~wtPBJnxCk0() z^4ggDAq5w0mbfx*FAOjkfgW&bM%p2UEwpiv-6EipAK1K=j9Z)q@QyY7dd1?9AI6ay z6w09~W{u?ZS`@`SJ%FDvG2kywP<)syPiU^M18qZAbf>qiU4UK=&oOnsVq+bvjCYhd z=Tc40_m2(??(rpb!xvK;om}Z%O1}5uc;(mFfBAMo9R-qn54tFTM|)~1D1bA|c3jJG zDW7PQ(Jg1dHceSx)RNZabf(-cSaxPG*60E4vDSH)2O7{pI(SqB0EC@x@o1b-}@8ZtnA1(e< z$C4xB!b7(wnGh0qCj_)wo&iR4HGkX@)yb#Wz4ioFPmZ)N@vyi<;wGJ4HBeu_Xs;e; zL>??^pVAx1%!ytb=IpNa_-yZyI$=@1IG9fU`g`vL0!F#q*Wmqr)bZCR@tFS3M+*m= z64+|6R9`VCGy*!exjFPvWvO+=Y|Llp4*G@F+cZnuTDIaT1&YOjWuJetABmai4zT4}?re4O z4yJC`m$f*Plk136tBN?^HX}CoM`f906HWe&a`Tz7JS!Ej1e{zd@g~I*`8}U~Z}346bkHO6&uWdwoc5 zVXenn4b=4tCZR#+jMOazK8KAWSY)?A2z�Sk-<^Szw$#>q))>Gm5?RBgfz1-@fDF z<%kcTC~FqA*28XdVL`x}iKP44vPf6o%k56cXe3uTzrE7F5{gA`MiL4(l>$-%0wfLyQY#RAj&G{#^XE4e-qdB#Wt?DKuE!NTlXd=$6iHPOdXt zv?Muk%KbnF?W+Tmn{tbs&I_0xQV3(h3v!yp-0weE>I_w@0j0-&4Na&MrNZ&O};40~Q(8M|fnldS&`J{~yNX222>wbh!h@{KPdRClIhjZOu!Zi=_E#Hw^=Bhy9?C=B}WX9HF z6)+4Z6JKNzVnK`NI5uqMlF@2B+GxFWUnVcI{YuiD-BkY+7^LH#``w{iLV>_DzA!{I z${qAwy=3{^Na3tE+w|IQyf359xufE;WXW`mj&n1Xg|V{4QC8p{)lN{`gAV)BKqJi? z)T?$DI}xdK`7|iF6fz!NR5P?O^W>CISTWfUODS1^VZLga*!H{>b`J4A#>0M*hgD<; zE&tmD=xFDvmlnHwcj`vz@&Fh{p0=#H%w?>P!@GFNA>bJ|;#IcnVkyVl%#D_)G6)_Z zPh0F?BKlg$q=RhSn`f?rkXMt4RYFJ}v-go(UgXMPl`7k@&e0)CqPo7}1Crs32_5gY zE@)nE?x?uCr&|Jp8L7xH0*YvdR!s#r5@oz8a*!p*aa-xbVJ(A@QBreg$%`l7^-jR} zQ4VKRjCyTGdDw&n6mlXiRer580)aTYfXC3hh^OJ?>R~~jZ62efSu2u5>sZjE4`kzP zhG7AJW_YE;T5$7a*fOga;^<_}1g7AsEAV@G8<{to3SwThNYaB$>UMki55DK7L2q(7 zvk{{*1+)&$k?Wa(aVo`bj#%-jR` z9U}llua(&F#d)WcigA1&k9#*(PTBFVv>1GUL-RN9SNwe&w03B)OKXIZ>Z2kww_=iL zN)HZ=wFZBV{EYJ=V=(Oua{}s)RhDLLqBc-?Z0!XaAcI2d#e%$774ISd7TqnPoXD-t z7X5dfM1o{9T1}4f7b%|of}nfR_FS+*Kx6%x18?^WZ-AFyGQPoeiq#^i#pC(|Cd$Md zi_K9%^~hJIgi)=h_?_4uTA~D72X-et^~G*bLK(>sXb^OBb9Y76Ie%6nQu(g+M)_0K zGh-$?FZ@;~@Yaf!oC?V}#p_N*s2)c^>dCNsH|&+G zkyrN)U~A`#@n%U?QHFL(O_G-)Q1nJ4NAJ3v1soZBIQ}7dVpMHaz~cSrRyf?AoG9f` zYXwd)YHqjvL&G(=YqeG(@l>GkOofdSO07g`o&_Xhi_lV`l1y7V5M=gRvlE$a+@PR5 z{BtzBAt&PV;?S4TKMXt18t?}6P1@}?udz%$lV}1clC9?)}`~@=ZJnI$2Ffwesy+3_RWD-csCbkREWbx*cXsPmkOc#mRnDJE= zxc%*%PX6xS=aZ&07Aq3tetos`*=_}u!(6pm58L9j8$9;U^S9rpB?LN%0j~=@U%tCQ zN|-oLZz?5NMQx)~^!y@Z5c5-nI=cEO`>yhBSW)!so=yM>Q^3V800z*>TSQfrm4&ic z#A^Y#J!KtOgz7P+>3KfsE%5^DA8PfEY|Bkx>OU5|wZAu>DT+-P3$BF|hqDmm9u z)TK5$9~~7BNDZYpI_a*|Y6*|gbIPu;8;A)4MiUmsGdXQRv!#5nk*?25Z3BE@T(i+b zg$S2Ktx4$kQHl`UxJLRXjPB6X9??of!L|rImX(3>Z@$bSGpqMTJ(QSw{bfFyFL`AR z^d_abkGYj5U9(HMj)bklled+7`%7KQMrm5jRUTXq6jpZ%p|tLtPq)uF4>RMSB`K}I zFuxlf&x6E1Lx9mBuS=QPcv7>TRY_4u5F!1nq<6L6fO*BrI|^;c51mjx`D~pTq5T%Xzp-htT?&7$ux?1uOLb=#UWh>+CuC??mt zx*`giE#0nG^zx-tV3YpvwuijIgaoqcrpQU`)xG_%9bPZtc= z?)SIfdmKA{2?I2XDtL{4G|vOXRKQr(*gt>Hr5~y3GJbk}B(Qpr zNc|$DW#xj|c zm*6r_k7IQ2v-Ukw5mY)a0M!Lp5tZu^iVf~OtEm1KoAC9bdE6}Zp;1jC!+diob>7-B z+MVpq&kde4d$t_keGm2eOCRQ^La_4!X3RilKR{5q?{CnF-^Sp;68UyU_L1poV*Q{P#&B-;2ix1};%SWYE-TR<- zAe=5o@An8+B92G*;H8Trq#IjJ;GQGpvirsLxWwf52{lUGTc?PCdsayeXrxo3$tyEN z(4q>JhTq}t4yr2MQ^xRu?y5{|Ouzs*S|lu$WTpo1F&+(zi;9b(f5v_OeKS_K`fN#e zqQx-}vAgY}QnVIokX|O*FZ@*AnwWZHg@BA18uQ(3ZxY=gO8(ttYbHRoC7MgYy%SC; zbs$Hh>|_x+3u>%rrxq58?vHT{=EZxwpWHQN;HN;5r8tjE+PSTD8RjZOl;3cb4NTMJ z=sZv%R58k6XK6$>A<3lc`yh3FwbGqs$yg`>i3`Zd)G33>`h1S0Q8aNmS=HVwGHys} zNnQnXF;o%9BekT8Jc}!}OYBsz4qUr`(%#UQ(Tf^(GDqW$9&3|(nDGrtn?cu)+|YAl zVKZzZl)S;J{p#0~1EQlD@0uSBz|PF^T-`F%T`aJ&9e%qR^-Jfw@XoerMY8s~lZAch z#?!TbU|Z(+!b3H~`f>c~aXy~?0mutQXT8R(c9i}o;u6ct+z`_x?c2R{T~p6+n(WBS zedKBdi9KpJ6jb-b6lOCTZpM_bCvR}$_irNylMXN1vSu&Y^Ly;!N2?zdqoiAaPp5k} zB(NkD7?8poROU?F><Z!G~8uKiIr8J8IiDxI$Q)Fx^Nmj#zgOvryc)@&54)0 z+a7fYGZ#zd=X0>l$5^n{E;>?C)4CadlVzgf{LA-@@9YLlQ*2KwctGl%0~EH^9ZNx> zZxA8tr`t^@sY+I7|6KPrL{5*QQpTqv-Usgh;QBSB6=zew_en8T^R+I>BE7lN{n$M3 z=Q@IM*%=h~^10*_z+f1_*x*P~J4H>x3Uk1GlUjSUR`&y8UdErR5(p=?HJ+I1kPmCW zSwDUy1LcW#Snz!U?38pRe8U;H!c`eH_}E`)>r$cp%MR@SZk>zPHY0~8GNUDc5dJ@j zn2Gd$0A*jf!>%?w*XP*kM*JexR^(AOBxSN27*E7dRL9LJDHoE!0IG8y>g$u{1hb`q zA}L72>`q1}%1KRN%CJD734;j~b!#k-AAQn>U(gaI-5bo0Twm^St{a!;Q$6y2g<3sC zNpu+yCf^DLI^XCo9Md>5a`+APcPh-6LrbU~^AQ~nbE~9jYKkOYiQwcxdp0}g_tac8 zaDmOfoaj|1Ugb^3Osjp$^isiICZcTNi%5F3A#{Na@tLTJ<2E6&+8BdQ-OS;ej$LGT zIT%~N%+oeP3$Ctiw~LH?5nhc~`by!t)+7wN*w-nU!+@SwqOZZqX`)vanan!zd0DaO zfxwKduISsTC?l&Z0bvpH1UpZ<(W-GYrq%|{3@0uv8;IQ=yNk4w{_pY6KrE9MEss?h z$9C4Oqj5h5tje?-8~ATs^uss?r{YRXQYo7v-`@Mw?9+KUwGwUF~}s`j$QznM)3s*13uS zJznNwQ9#zoH0>AX8`I?x&>p$Zm4jq$w}&;6&J-Y_5$mt9Hfne9?tLO#!R_R%zl&_O{`P z@+23jXgz}suXb-MD3t>Q$vlzIfd0gF+tySm)HykK|Lu`)C*(7hLnSIaI`hkTNIdAS z@~&4bUalaVNJvmLi1s5k-=jDsmUWy@W%)t7NkZWFbo(uPC^kTRFg57R1NFVNzF6DD zdZrUdmfcX9k9;mUAANac$;w$+k~R(MCw&ysEL70x*<7Xq&Rtgi1Xk-+GCLKqqiV0j z0}5mUP;ld&V;2`1=YY-Q!|Y(I+ueZ5kq-rU6x7ib-RTjTf`ywH*DfPIG9vwq51yLH z3b^ZC(0K}2MtP^FhZ9o4auLBLbBIRDL|`hLG42Vk(>S^h&Sq-GX%*ApyIM0(*PG__ zLQlt{B4FN05tsxEs;OWoQ>g?!dQ8#Wm3j8WaDd}gB1>raqOsI0Er(b!%g0hNy|^rc zowN}jv1-g6?-wDjDf5I-CXm^_THb4+6h<=?aN-snwv2D z(wWpH&arO2Rc%iz*C*k9<18ZNmLlUBe)iaqZ7C`X9t@-hN+8)z(B=i!|WmU6~ zT2#onler-Kq>E!0Pm}Sy&*O29PjTGV^dX!`(aD85?1*U}m>N~T`i1mHc@FI{{CM!i(_4;cJdZ)w+}jsYdS9=nM4c)dgd*% zmO9rtdt=zto4q4sSMz02oAtH_AWk*r>BRf@6z19T%=CJ37yWaB%jI&2WQELv11Esw z^ZmBQ6gkkKtFS!3;`{oK8dYoOWYtK;+@Siq*!E(H)VaP$-u4F-v2I~~qz`D26LUxX z$P&qNAWDRsQZz4Q6tuj_6aSxuZD$Gt@cVMl{g%&MX>^=hL$a@@ACYAdrRzW9V^fMI z^!$Ya-mA>SP)!8>c;g(*r*+RQNYL3$f0(nWdemz}$&uwAx-6COxX(@kt44Bq7P@~R zr8+h0#}~2U92JJ*aWixHVb{e4%+x{T$$*3I1sL_O^H3H!XZtu;QJkO5hJ`${J~uVV zsOV^+J*KZRQ>7-Ujb40yd7@@tZ8{(YSwCb_n}|EzP}>S^uxe1}v&r_rRyCa&eRPN8 zCup<_K4@t=yQ6FXFN{xneJ`IW&DP#(1CsD<-w!Vua(Z9`<7JrzV!<7{KfGi8zeI^o zU19*pa&Vg1=*lk+x@FdBT|TV>!&>%qt2vgwWAb4?2+PP^za9*ETHjtR!naylXFI^F zhnbm^{LewhH)9EWVLS{3|o~>QLet|v8a5O0+&EL-06905v~h4HdKzH4NkFT zp?9omXBzd*&$gyIY{#$skcIQc;IZFmpe7O!9V#3(`XaW=w>1M%lU9Q?I#FRvrmIm3 zGXxHdn6EJgWWB_C=HB8Bfpq8woe&M(bs*ufhHTU7?05B}Ec4QeKKnRaL&9E~gwZvA z!qId?yzVI^zU~;Gg9{UKz-#O?9B)GLxwOv3j>-Wc9{gPv^5$(kQQPzQ;|SWrC!%|< z_`T40Egz)YqyD6A8ms0~f5Pi^MbM0|F`;}5`CNHIODf_(ul5yh-4Unp^mv{gWeKr@ z2)N})>@aL;Nw%bT$6M;g7FO}~vD%UnHu-du&wxjT!S|bw6a#z`7JIS3XPGL-h0kGP zl8Pqz7GCf4K!in9Hx$@tCcL^bC(zBx)o4+TkSM=IkdM$hviztno9?$92|O8<8QY{ zG@h@(LYx##=AN3hi@)|uqK@XmWonsi`0kA_zjMge#42Abec%c@US+)|l5yaCSU$`< zAR={}^s3drE14b8?$4x7^{CST6sJl@+-)LjPXmCZvfwSJ+dP}v06FSOzL~m=Mb=EUZ7CP5;yhOwZiT$FD1@3hr zeU71&#rA2yDZXgMZ0If8WZQl`aS%;Jr?K7Kx~i?naR!X%Vyuo>55q^3D+j*Jz&~}) zubPxaI5mW%YjWydg^!AX9p4Yf#B1%muP?5KMX8=2mms&EYPHK_4TL#}TCQ`j`Eh;K zhDx@-&er8e)!vo2{3Q}NL-AU%<1~i0nlW>mk=u_}f_e)ow93|`+Lo?Ox_ub%+vjq$ zzAhfQNU-L3x!`XoZuq2RlmJX_TYewMb#pMrGgpE2P$3k49af@)#A%=bxkDsB4NLV~ zL{(7Y|8Nje*K@jIYrw<#q}fL=vZOaby2CnSTA{)jn;P?|ZhT~{cQ8F@&;@x1X;_Xa z2uDRVJSPqWbVG6=*n{+C%oPTUjU$pW+}Rq(y4pL7wn&$=bx*j;sslgaB{0^ADVkdV z6m;}1^pHc+DJqk)qP`@-&CKoYG^pKdtH;VC*M9mMB zORD6ar1qcoQ^QA>^hdvs}v;U)&M8@!=NZxrg{ z)RU6Ji&H7^^eNOL!QXBU2@MS-_kMXUmnfvrZ*Pt<1xjmI-c*aK%t7oP+A`tLJ;%K0 zerdgR{L+$KyYliaX{qMHVw47}ele~-Qr=XkaEr*$QYNfRn9h`;lNYGi1^+_#^ujOt zNSu-WxjLrREAJm=CI*oD*%rXZmXpV_feH;*0FIfly)^ou9 z;bw~}Z8Oy5zc+E)9;o%j{q7$;amSot_}3!g3g2FlH1c{xs=+U(@h`f5qJa3?Cgoy{G?yn7Oisw|$Pt^U{6@9C^6 zGQ@It%aYt!xZd2MC7zoG1jTBT7|vGmTz?IXfBGW)#_#?m7CF@P^?b15tx4080Na7b z<8tBiWnK=g%%U*a=pr7-+b5S+Bno13H^OmRrrYIj_BVb5UtVjVlN-pf-hOrsc}qHT z)O4WvWv*dygRh}VHUMv77>^>u4KNxb-1~lEpm{LdSCEDRl;xm zKQ{bZsH==0kUe>+lWgm3a<-J#`4xuhDzq*5vs*UPAEOMm1AcSDXJ392xTZ4xW_8gN z8A2Jp!mXW5R~Y`xFMcIAeW7@v@Gsvl6wmShyE2;ojUSMOP??mhN0ivJ7=jr?#kb9a zVvQ|CeD0>z$nU@Et3PVLsW4+YMGo8-_(zp_+XIO&|I-uasyWR+i?z|~-@J8t$0tyT z`_G;xz1M>5)ryPA8Nq*u^Yw$nmuLI`W*}vT)B7y<&%SM1sD*XBVoqJV?W~SEOhKz% z1tnDm|NX|IYrxx=e%!0aTnDk(^di%Bd!eR^cEd%uSHNT3~$QFipH4s)D^WUqkY#SDX9fWF65MZ z*wdt}gnVE?x!lG*HHS?>0UP;FMQS#kFV8AL*EL9&`>Ft&*6#RA@|4WXQpv>3N&14g zocz-o5y?U4(y|QO)7SIpo%Yx|X@#^gptj1eWt`cQIVRJSr+_iS;JL9V?tilBwH$vf z9`d8nUgNLhv1gHtqdTs81*sMim(kM1`A=5bIdRURDKiNlq~@=S`vs$$5IId@3c8 zrR3b*vTyT!MR?erBr4+lJfc`^&wG!t*bds8QDFt-cA;f0q({|zrDTn); z2s<)%wql^A1o?)v;^7H!C0H1?-i1`(`W=X&dNy9%)!pZf8Ec^GX( z+l{g&;5}+tK0{b7OK~NRkjsiU_5fw9KGsa>o+;AeXbkl6#@>PtKQ ziub$bV``pmJqkxxQN_!V6rTI3xU*yx6`H4x@0fi$n(!gC9HV*((gTO%;RxvqvXfYz z4XsO^gqKt05xKE9d9fp?hhPJZ(FytIUh#`rA;h@ixdB5T z`q_agbCK6&BJX3iN?+VptL$8-0!*=j%q#>ye?o5fFWNzS6-fn}1m# z*(#`PwT=v5nP9Rg9~G<%iQQU_{P^H)JG|EE(edEj=G;^F;yFH#Jl?p&G4!wjbYx9J zL&~W>b8ct0TlG)45PU0Z$7DGkV9J!@$GNVAz3>r-HW4B1dT>4|lIN#1F^5mLY4!Xu zUfRukj9KcnaN07@$xhV=I5|EN1i4Qs)pXWk%1f2Ysh#(;B?f}UFgV-i`#txD9GZbE z-GzX;2?{BfUhL#WjT2|mi+vW*?k`gkD1yFoq^RH^Y=?zLE>EWlgj;u5oW=5eJ!NLs z{T3r=Q>QYSuqxzF+g06+6g892lBst-q9-ejmZn5lbwVq3(}jFdA}=75`z#aWPvk_> z%}#~<*(*DHGE=m1Zsx02ec}c~0~e1%&=|YVi5%?pVn*%A&Y2Jl34=6TFHK~WwC*yU zNqKzfrqIbHvct>3*TT0BHBZQOtP+7#`o+l=KcePc2Cs&Y|0nhQ< zYYX_N`)`Ah3Xu)@sJjjm%h1e~Vhj_SPgACbvboD*nofTXUK41kyX^5v%5NK=JH*&o zN>%Po;mX*28_QZuTIu+vrOlR;Ti;%DI=VRPVqaM%O3nQk>|{w!P3n|-JCCtEw6jT^ zd@|IgT8FxW>z&h5q49VDuBo!rUzcx97%I)O1Y>m{ zcuA+}LlT>mGAXlbYl;N7Ft}U>VUzglc;dF&OWUzGFVTrz5StVJaMMuq90egEafrJ5 zNV;+CirRkksU(EW-pebI>tC?TGG6Necg4`SO+aQp~v9aB%Udv(&ig3Rxo9x6vxocGV1NaR!2Ect*G?YCasf;BnGeeKFYoq4@D}K5Ow(d#=B7 zJ*MRa4t(jC7vwd&)*bM^QVhI3LNn=7et3N5mlKQeas~gKt8kyBw4vjj5Lr5nJ;n;PV!$fGUkeLx)>c9D>twjHrXqs)WEYbl}%Ed{=s5xaZ zRPjNiN3Fw?E0|*9;L>gAGX>GF{Rv?WQU|+1|54Rvi7nR1e_Xn17|QPag435*E! z29yFjo~R<*QEzWve?KS|z{lXAZWEGe)szZP{Ke$;ZpTsG|)#pO9`Ga}MbV{50W zym(Io=YDNd7Du6SgrWvFesaMHUo0zmpg<;#Nc5OFh@X>@UG6iiwMT-YOMpC_ze zanpes9n#IR*Np64X|62Q(|X5G=whW>P$fH5mny>5sO7pq?!!vByDH%@a$YhM1=U%dv_ zoEDqsq#(Q(OIp)F2;H5?PbW!8sdZ`EqPxtZ%>0Rt*6KQMrk20}_rp0#Ec#f}{7a0r zHxPKQ#Q(uYRL14xxz$7sX)_;?4~#XwSE;2Oolzh}L`Nw;m&D~mN+QpIEovftToG}y z;`jP|uj$kzrZeov@;f$bvViEsxR=#3-NakiU#sv4gNn*rj(8;ey!3d0=d25SNF-|U zu`Y$dN5Q)CVXs3cSa?x!eH8lO#p5bFaHXvBHGjyKI@b$)h#1!0`*NEcoVPR{*u`#o zL*ZQSF%r3F3sAXR0)DrLZqDdvct07d=cpLR_p)a-gJJnIlL`cfX&6t9TmG;@VovRj$0%YsuCnU2>jd*E>x} zk4nDP^M+ZsHX-j=t-?zFsH-rxJL8s3aV3b7rNTYHs01;et98>%y2-=w$Z})6XB&rw zUx%XfzaO$}bu-`Eb)@pSh9Vu*BK#t<%W-E@v1YK#-~*bq(!EptObEQdT4^E3pjG@t zqgqCOJ{ZJoT>TY+n^A9xiC7;uap8H<=0JOh*|Ejf4r>sl!Wd{X z_tbw9u$*6+;|cBES{8+Tq+n)_-RH8IsD1bAfi3$-1@}!X*a!Qlv^1vo*Yu0W?Q|cn zw`cs$5j&W=frao}1suioJ@>+BGQC<|7cLg3sV3R~Vec)&;##(D;Xr^00Yb0<0TSF@ zg1bxOF2TJC?sNzc+=4@JcXyfwf(2{b8+Uh?uXE0R&zHU5U-xeW>>SIL}X zjv6(a`zRBtSQaMF;bOLe-l7 zB@X^fOD)q8u!TV-i}xoz5aSE)F=w0)i%DfkelC(@QROC0X2j<_uGpBKAR*68?^zoF zm`5*PQ(Ay5tGYq0yTg9lR{K}B5)!zAK0-=bBa4BepCu#qjYdCA?VtOZGar+tbs+45L^BVgd~i%fnbhP@ji5F<)VJ!9O%Gy42NU6)?0g%ak$M?LuQMLd}|A0rje{ zp^hx*;~b@smg81Kl>c;R6!j7OJS4y^aS{U0V^XAzi9d1z|0OmbpFjnLXqU3C2r;L^W%`Ie3I}#(t7_kj3|~+2GGJB>HHt9 zdE$Gi4M&FlZ&u`{bEw3H8)bxloczgRU();i5%CL6RqsfG(7ZnZktIR8_fh@pc7-Qr zLU#L_c7@U(Um-p4A|fJWKK@B!hxZ;U+x1!_N5s^XLDuaV;FzsYRar5BT>Vj|N_o?+vdYa>0L| z{0GetV)!DYXZ!bU9>{s(O@$goN4~cn+d|mP`V0HQ&WZ^@WnSP<=m>GAcuciZ^`>juS}!IIr*!1P1n0(*F z(Nw8B@+A}$o93{~c%N_@R=8AFo~W0c_SThq701=5z8Qz@8v62#IT-aVr<&L9S>v-6 zE^YCHAiEkd>_5_UaMRpvBA+NfH2(M@PjBT}Yco-nTiy#1Q+6(AyHeJSel~?dk*M7AcEqsyX7+9I z8(P!#Stv}BxMIG7t7EK1xv#uMB$tb`Ht97!v-i&dpvz8n@Au6sd7kM{cL5bVwzmPS zU_8B~aZT{~`D9Koq&|t@)S$)#>|$*9x9OJg%J&Wx)Gb)LGo5WKIw&V6v69r>Il1S) z5ko3`e&dtY(GbezIBkC{F*zi!)1-|>Dyz^E`$La9+qbao>?w4Tc=Ga*$Gtf!USzd{ z7M}Ux5Z;e4xudU;Z9O7P}S<8%luO@c_7uCw%nmNy87@ROOKA0(dXa=d# zZB7pEhHhbEL1B!{rKH~K)VaUZteQA&H{MScSy_jMnkyG+CgVC#q$EyVSneB2pVH#Z z#Ed&?90WI71(*EbzbKNR9Lh1xVo+iYiXQsuEsnFhg!xi zaD7&n>x_t5792d|Z1phHyId;0-jR!|+8BK({$=2``Ct$_S{M-Qnb7WVUB#96I>mql9|$SQl-6w`s2WEAG{w1I`af{u=-be>JLnIRpWTwmQQKXQrx&)%k}7e z65VzSi$t6PzAchEHd79Ix9m(s@kz_NQB!r{v&(Rm?N5Ro>C7D)<$#mD{m~0B<_sbJ zhsee17srIP^iC$$DLZDkwL8z~(b8A7=^G%cy@GqG-xC<--+u;g2FZ+x@6KD`m>s~3 zHHB14mtts!1#@(*1x2q`<}a&xB$4(IGz_STL7vByd?tb2`4U3E*z?2-&AYYsl8AkrW#}y8F!N zB&Zj(p*VP8a4N7UUrn)gS>U!EzR%EfeK;C4eI1)By%&R;ls|R8#aZFl7F7qn+qAt& z!4QRO0@NQFcyVm+{Q!dJE(orU@6u)IJ~%_e%*e=M+lxQ?>~k@Apc%^U@)%7aU(B5A zr1Wr+oDhN|+Za|7E$_9jpv}e8zT6z;cGdPpFr1`?*+6SN5GkCv05Y%_+dhZoudDBS zPGoZt=S*47xsx`jB@^)G0}ksDM0qYr-hOo6_4dHTA(z|UfIO7b`xwZ~W~V&P2dRoH z;g6gZ=QWb*ElT=W&36w+;qs%@?F;4vbc6?32`D=X`G2HTHO=iw!u`?YEm1!s3Dln- zz@4yO;_>KCr?Aakx^H9~9R!Vru=TO!mJ>_;eY0L@ZA0~t(gG^{B3365PN^nZn-@v9 z9Fo7koL~2MOqg!pAN^{+_x^N@DjTXB7TWB^UmZpCApg`_+~vWKvPDWEjMtT$@qmXg z24`(VFMLg8LLTA9q+zH-Hz!F~lqJYbzRZU;565wr+QVrUOdBl;Z@6YjWNo~35%!^y0utua%L_*aewJO>K?sRr}=hTQEgbgXdQpjECN1L*wr5wM!yS`>2G8iQe^45z#d| zR~N?;hTh;1S(34_;3%pW{a9NwElw*Z)gHD*Sd`w6mPyWboQytPp~lTLE)d2!dmppN zC)&@B7pb7HS#6`JH1H_{o)ci(CoIKGXF%}`>TO9b^Z=)OvUERPuAYT5+E`gKB|JLN zvosiMBnuu7yLc=gMt-~76eKPl_^L9jxnwT^OxpE}tdp~q8tLCO8=NUD1Pl3E2%Nb zu35qxVTPCsyIHn8ml&6Y8VKK^*;#HN&;7m=6+XB+qrv-A&P!%Ek7ym)Q;PHJCayH5 zw--1h%l{2qi=}!Tw47E;>r2)kwVPW7lM!FtH-)YwR$#odi}WO=6Gtw zD&@}E7#0UcjaA2edW$ppXYJ==A_6B4v|3M5>9j#u(MtD*Pxr&IT&TO<@W@LbpH_BA zbOF>6TK1Z7Uf=4S5Q!aB!5E}DqkVH25AJ&~b)moS=0<4MYi{;lQkQu#&$2!*AN$oG zhvhn4^8Ou9R!WL%=ofd?+x~S_SA)8XFB%l=iH=IV64OR3Cvu4y8HY)3}`31oyW&z%sq z=(Qc~xG8|!jrU;WIc56mS(a%|kz$l1Gh^xjO{)X58gLGl5&@y^Fy2j9f9wX-v&&11%t=_U{@?U$Ts`Vs+9X7)N&DS@z&aYXu zv=AFr?(+sMex>=4Q3iagQ8)ehcP*$-ZxQQ&5o*XQHG-=^GaTmci1rfN9%jBSy4LD3 zt#CBbrRY{dkK z-+j&(e;ASW%ii*qDgrGn4Q*8%4o!Y~fC)p<8VTu!p%Ukvh@Dv{zFI>9Z0KOm~V_{h5qO zRP|JtRVGgePl$%H$nZJq_p4JOUElRAM8Z}MLZ#))5cX%AiwLqHNE2oR&Wq9+UEjm8 zJoc76ZIf(#Gx`d1?znwxj6vS$?O|p3E=l=r9VsaK^L@4F7tI5*^!c zWjgO#1#{3GN9bkGg5AvROgt(j+EWkiEn*d~^%XYK*BCp3iiMpKBT{lq@5U-ogLytv zq>g(@np#y75uI;rlFfYKsC#s7&9W#SVlVBu; zERd{D*JHBQ^t=Y9!x{?i@zlYxG_oAppRs4GiWex;#o(KJd74&@!hjLJHAgo(SbW)F z2=)RyQxy!`(zX6w9?ed#Z3yg)_5CydYWw;r#+9E=^DJkU_52e9#;%Th@%!nkHS2_j zNbv0!>y^95ClCHeZ(d^~JX26K31$_W_ZtaW!L1eNediQ3S!ZQk`%vuc)SzRl_QQGH zmk<*N`4SNu89!?YQS~)_5c!)EP+BuN5|S)PEu|9*_KNO@IYRlNw=Kuu&Bp$1u?xMm z;etln>TWLLg;odFWFIb04$}FbYhOLk=+Q{l$kX~+DzyuJT2$XaK0Xeuknq2dr)L41xAGMg(xMkQ~jsP8)aWwAgDHbAH)9UUu4 z&SGZRgb=-f%TER+Hm4X3T$-^Bui<3?x9rVY%4R4KI#>$5^;naUq9Q1=M2}RqBcx6a z(kl1A(QB=Fbe~N=>c~*)QKyXOAfAZhY;&|@RAJw)H!_m!Sn={z#g`6^Wm7KJd)z=NHZISbn9($1Zih~EZ_sEpZJjla^VD$6 zI$wdNj#KFz^y=;9*V!<-QMlZNcqs=Cc29Iu8(zF@zFrJx_0Cggwc4|=p*|Q5-{Zwe z(L9{=32>`O@YeBD$Zftz9de>K)pD*VArZSIsif9e;WS>UsdG6`r}&1#0Pdu! zBzb6^7)s|PZrnWZut^a*>f+_!{_F-MRYV+&d(Q5H7#cy+N&H-n*VUpYq!ugR zzhAE>O_Mp}gzQaRpI`ak;}>f@i)b+Ej8Sq0H$*X-06QxwQ9de@im{#)IUf=PasLN(|99tUOhNO!7N zZ!($+rNK}xlWP9{ro=v^K%>sB+r-1z^y*nz+#AS6d7hr66YG_|^U{=E$;Krq(zPCZ8VH09wnbc0G;|&Fk(?1$)d@`&)09 zwqegAr_Y_2?3!6aP`2io7OFiA|HL4_JfOZ!oTSCrDk>>s6=O=*I450sdHt5J9-HNL zN@9_|ibh(JRmsXqQQ_m73jGEUYy4Ama(QT+7MZAMbWpEDxw)3++nBGnuB@TRdGeao zd>}3nvSkpb)wttHBrM3OyK@vEH5dv!8Zf`OMPA=#e$V)$DwBp_E!BeKY0SW0JZckJM6&R~pyZiQd` z2aW@|>Aj?9<&}8-gq)XI5Y4pPSZad;1-WJ<2ehe|s3crBRu7ME6Nb6ACGknaxmssxmWjgJ9TW&yPb42isi<+r^y$ex3Kk2gahshO^y)0-6evdy6~2 zE@R4dx!U)M;Q9B1`N8`+Vtn_wVG<20lb-INu$q+0TM+6Ur?O)-BMF$P7u;}D)pD9B z+$V57!E4Rf8;(bm%x}9tgjM*9i|so=k_0Ssm~UUM=f(Je@*gnZFpaNSX)573W3&B! zUsnU&lw;bY^~QKtG>4Csd?*itEKz+|bHbqx-{I{MNAz+_ncJEF%<4`3NCuGe?C0d1 z52RZ}Kn?O7brJs-rxqud~a>XtNM06Ju)a*UIUcBSgvQSJT_H&TnthJSvQ7nGhXev!4UM~ zDw!c!CmW|X3%8=b_AF612hzHsRfn9>B$dF!eKAII4xgS-Ym9u1_*>U3U}A$hvJV_O7u#tJRKEkzmb+N=r4mx=fOo5#5mO0eHJpI zJLI0qSFt#fy7?jbXhlr)I#>!H_R*DOR)?WOw@{G>r*}zM{`uL=5p1oLGjx*ct0-BM(+DV+1FvmSAi<*-G3yj?5{!Bx| z(b^0$0S_?a7Icm3Vz&qj+cuB!ucpm6>L@2W%4&H@Cl*^JsbdzZtjf+-T$ud zeMUCo6_GO$?DPMAaV!6cK4pIT98T>&%>M*|2(F-8mQ9G>^}n=#@8P`Cvj4vGUmN^) z93cF6E$a89TxD)>_ar}E}9;QOre=#218x`cARrI+yOcImLpg^cC#+R-XD&5kU|cAw5l!*7luy=Lda

OEX8*ons$=-T~}sQ_xi~$mn`3$LwnPn84p-1 z0s;QzB@rw!n+N|f3P7P|59zEKP#1%htRnLpS*?Y?2gzK*-+C1rKoDsP|- zWAH>maSm2bUhSE*OKbN{uWPkgML!YlD9fq<0q@|@?NhWJ+(z&hTQJiGtaCk z^wo}k55rlCjBpH4$UfNSl~ni0zS6JD1DNz&IYP~3#7-D3?x^mc!Cz^gHb*U3Ioo|ga z3G3hdTEA6hkME*}yJA>~CysbPS}}C67Y|onk8kMIl}La3DAiJfr(2&)EbeRf=o(eS z$(qz~{M5;g>=?VvvQomzwiNWFB;<=!PZTF>;~Vxvv1#Ce7WeitT+TOkVZL_m2_!;Z z%pK3AJfe>=J9ypcitfDa*Dfx48If)(Jz69E(X)S#;0#klZS2Pov6naz>lK)=DWHJ; z2Zt%-*%u30NpZ`mBGI@wYHA8z@WJq?-PU_dbT}YCGKCRXDrlqG)95|bN~B$I>4KRV z7{F6TG+R9}&ut&%V}Bq!H(#ZYHb~KFE~h9ti9I>F_p9pYEH<#Sask4K&I%u_`sqUL zYBy`L*=4B|oi#evW2Mr^+qsM`Hjm~QErpR!cTR!^Y(47~c+$1@Mn}d1JgLEnDVr=7 zVS?axfE3;FDuvSJNr+VS-DxH0#ZEn;z*o-$urpz?TIf$`dea8icmT9i9IABKkWHZ{ zABy=e?{t{QcN6OOsD>$j13J+HP4tPYmyyUjxhtQo;bW$xtl+TF;(3V(ksuQ^UW3+0 zX=n~swnKkS4ZV|+xkx-SOz69xmSvmtr=TWBC%LG~MQKFdi;L-*ymR^L^L%|zP5CP? z7hFw9*KK$8@%6a00Wz@LAoqTPB&U0Ckj3jH2nA-k$%Hd)FLxm`;lk$lTs>6-oNm=FY3=N02vQ_ zffezV`SY}d8# zA3Yl;$dqp^!a9RuhZh6e0_sCh(_arG`?ff0pa%I4S5VW{W~h?0VvhulF?A)>TrR(~ zlj`Hmg){(QY|4W=iyTb$(}awDfmV1lfUhk7cKO>tv>EQWw*b_yalc#mzGIT}oOJ9^ z?R#%1j4+15V&qg0FcHZq(^-=}I7X?z&p)!9_Xf9BL`V`T#}bdVKgdz&NXXMvEX~=W z|7JQTrcppo6Gz5@mQ=P5`0b{3Da+JQo_B8bz(M3n3=U{p?N?>#ps ziM*1{_$9-gT(8L$>kJRKQI&4D=%}_oZCgR1UB5S^XGkVfn<(4S-ELGn8_kqZg5#Kr%*<#T724s zjBg7TEsn|GmWv%WcYO4}NPULkq~1#L&?v6?^3`9yMCqH?)Yv<&rPgZgif`d3dDPLh|I5;! zR(C(Px=60PkDiK#CVzZjur|pG@lv|jQ9yt~gAx~?+hrGMtsMK^t=JzppiBm=3%kcj z;;92NF1NqY*TNLA-AhR7A+(nhvm( zLKnHF$ezl_M=_J}`9eJo-V*xtj+xjW=FV1J4jPBw{A1V54I*UwXef=aWb<7Z`&RwT z#6#d++jvb1+!}BC08<%%3h9rUy-U+^I8^TglXe`!NXNcysG|`Uhve%c!QHktROBnH zAKAq_NWzzjK&aK$XjA4*thP9MmF)-quMzH@-3+cEr7GI^PV#>*lwZo8TR69TU|2^S z0vTO@G~Cn?mR$`J0uL7rKI>^ndaczxjsd@Tg*siI(n|?$xY(JV?tmgD$($(+3=(EZJ-qlxQHkA*PNZ90gWe)Y}mDjS^+iX9CT$T_JPZ#W_vvi}s)TRcf+ zYvq;r-RVD@b@y$kUNq+XpY2sUMmnBPvAKDtj_Nb3>s2~;nTx}|!M z5^eLlSYF`)lU0J)t)&kQV^kmYwjbNbs6@R>davW!Q$f;Wa=$hUxy6$U=hf~Zx}HL- zxP~3cmHQ&;!?6$>fwwDW4!cKTE~r3DMoqKF_QBF@TQ#ny9Oj1a5MLL_2)S6?NoF5T zZ35K15PhI4msLf$O7gd%se|^|>h^yjduNJ5cndd-8#=+(IR?s6!hV}GYzYgztsFk; zpr(Q8BqfTopKT={K9q^J@_~WJ+rwS?2}}yali&MU?8HI1xtI8?=iSFo0Sfy=By(Am z)-uzzNo8BN?$+s@Bn=m$AX2xQBOx9==0^|m@RytczyaP?L)i>6%(Q!#DKs8Eo8H-t z)*qZy5p+W1ClqA+TB1VE+uQqoIEUBO)Tw9^>j`AYl`xbl>eNY=!+GD9Rh=H*q}OC~ z4a4c0;4O$Vgy?=Dg;7PFX*j+tv+ryoA-~BZ_uz+Uw$s#t$|>W)!f1Y-u=ZBi5wGq{ z(W8pnd3GgS6fS_m;9-ZgTp;w(ETRd6Zy)9H4uT$^Mdtc=%#ib#N6Aw)siU+jkGL@k z*PW`*jkW?M~GT~=cww*LTIu@*>Z9ss%0}oj(6`UE+Y52wA)J}zx7B=z#{8`QHLjsqXAnB5?(*#%I6 zk?m8y%(77R`I=2RpO!n{FZ36%=jMl8L#3ENv4={uG^RJ*6gccYEE&T^;ppABo#!6! z0=#dDoH?81{|XY!Z7O1v3!3IR2P52_WyZLgeAd`O^N<_j^)Z=MtpBDyS$6MP!O-t2 zIXL(V=Q-c3)85wlNM*HTPa1JV_{@48`?6y1Q^UE8>s!d7t+6R>p|v5fyXyshpykkk zBU8n@t*G=mQWJJa*@fTcyXJd($j1bfHE%C%na(_PnCCF{*UwXz{O0clLs7l!9oZb| zQhY`Ewz9mQ&fU+^uelsf4u;cxaRs=x8W_}W14_|?@w~bBA8|cms}Kvmjl<|>(7u{_ zS`rNo$_iWC4+&g<|=UDf}rJeoCuWAT!c ztMcu`Js$y0=}dg5U1*PVU_SbG-|87jJ&jIZf?A#Jj-=O?I8xv9{Nw>O=domfGl|7H=2CJ&cK<+c0dVS1@j>;>%lXYWhXR_}m^$K!NnrUGXePwB1gkG=P= ziMTzRV-r1r%`Qf|B$waRanV|CB7l;vuhneIb@g3^i?cG-v&Fqao* zb;$41?+nD8jkM|g;u8}Q*IOO`3ZL0@urP5@umI}xt8Xls)!gf^I9wei6+4KF$Fdh_q#; za@(6vV{j$XoitKrhmbnbO{jSukl_lRQq6zm<8j@u2Z^O~yE3nc_3^KtyPEOo?9kbb zZB^KYCX`&mwLjK_AxFfiKG(yx7quU4-4ZH4uyD=8?pya)vD3Z!rw4`$QLXb%x3~mv zIvPoOycGP*NhD>Hzmn6{BLr1tssQE_DZj{ge{6$g27>lh4pRK%U0X z$!oGEtufkIj4J;la`A1Q)^j_c-f_5_u1hVuses=7nF#4i;ikyM-u&8()MbZ!Leyc*KGZwh!h*w(3%xGHkV@Lgvj z22cu1avG@D2g+*gv#M^=N=~J&-{Vx=_xI|$lQTQoOocqJI#IiPn63)Y+T?nawp(bt zs3;yz&hJ~B(pt69xlfjwl>dfq?#h%af875Sd{w>!nQ=X}V0n1}3wZ^Rpt`B4Rfl%K zSD+&%%G~&cC2FH)O=wldvY$?wdEyYIeD;oHTxIU7C-M6-6Ck65CqIHnDa|%eB6; zuzFK-Vuo&8orQO1_OmV>pK?uV4aPdx0%2{ALYW|#n%APE90(!HGF`kH306kvmwTU; zfA=}feioWy_KbbKM-m0p7y0@`QtOHf0J==5Ax_5LDXK8XAYJ5X_*%Dz_738-nZL(9 zttD7h6-^uyc`>t0hZJ*O$K{n6o?_WmD;W)OF*%vY#T#sI! zz1*{fPcqH=V`of5g?N@CGsFW&P>K>UAja<`)5(x5-^IZ%bOt%M3KhbTfjPodeDSSf z2Xs#6$}e^@be8f)YlFwuBYkr2!Gz22YK}zBysYGfz``d4I>H+ec$AmsDbir<1l2NQh*1yQ zbaFJd`e)$KhfY?T!w7*or>v8(>-+EfV~bf+FN|%zT}3v=r;<@jb_{em8cS=LKa{ep zWecxPDSqAgI)YTM(?#@-4%h$`5Pc-#tghn3UPhW>zJhU){ zk8ZyQ{u(W?Vv^;@7hp4~(bzrcs3RF3R^>>2q@TxSB_|gb%ifJbFDaGZd*@~cCAr*E z+1hmJfs)AU%x=m*uxQct51F9Bp7soRe|OULvHvO3qwI$zC^r01CZf_aM657xy)4^6 z?HH6E>VPv3Lztz2a*2p|`Y}B}5X~nnd2qY7G*uClRd+j&0jgNOKkmP|K9hHF`uzNc z!4gX1o{!GQ-Fn{Ue{q&{@xkET+RrK4vFczb#)-&ml|0pBi%AUMw%c*LRt@UStR2_z zGuJpjK5N)ik42#f%I8ea^X+0fXy}gGcIsq}X!DQQVXm8A-fOoaL<;q$j&lAn0s%X@A3%a*gD`+H%p5z&YZ1> z%$KGctIZV7(wv(ORkmBXZMQ>&OQ#n~-(lkdhj8Z`l5XerUJKhbU^Rxh6w)}JIjs!! zcIHGkyV78;nc``?Vb}>*%e3CFjTRD}#YIU%F1g$qn7ALMt=70bTy_V*^54udsHRl@@HDjFbJD(F;F0PO3gsMCaoY=6H}HC>y*t9F zd9o@Prl^0sN#!&8!GD4G%5>r)3Vr9MPWZ_aZV_oQVb!AN>NY#mMUC!yD#3BJprfmo z7(MDq57*A4G$L%XvGUDtk-%LmpY5xMgcqPlC^N`K*57*aImf6h=OV6pQ^8FK0o%ol z0FHB3%e8%St{~p*7P9w)A!hgCygC|Nb_1o+zzpl#o}8d9oij5ZK44pvz3}n3&i5l- z-ox>`mj?cMx&$O}IDp+|kg*S{KePeaB>#~~)>@MC;y%)Lwi49F>+6@tXh29}Bl=j~ zwMe}YL-Uwit7XqYYKiI%UO9B%bUB3@9Jz)DB@MQT!#X6a?(lYf#+Dns2?rG{p31 zy(!~NP;c{S;&w5)j5W@R=(OQ-*gqJlHmCBSy8qM}&1T=hdZ>S9TY8sqZ3QOK{b_jrxUq9 zlbP93@?r5oXpV(IlQ6+VBb1V%udy_&N9s8Hhi9Mb<8XS*Q2Sh?YK7gbdFr=t%eYk_ zY=tf@`X(qsa|%9165*f?b^=#R!kXFUTJgrH0!!K1dC1V$HBmpZPE&8h8RYs6kS8e} zje#ngEbzy{?S^ePci$y_3Qmov-0it$aoUm_BTdTDl|JW`W&B)Wv7B!(T(Bw*5hb|C zNbO#G%a{^UVL*OvkrxuVeI4(~S{5SSzXu?S402FH>RN1v2qxjxTWs|9Sbh+gbj2Hl zRI&npExF_x9`6P|q%VI=H>*c4!H{O5-^Jfz9Qv_+El%ypdzS6Lj~eMHyg?SQ3JncR zeZF;WxVjM9G@BBW0(m45F5jjK|D4dvX6{nP>b-7Ytj;lpk9KFqhu>6XP;OtH-$KEA z)NkWkvES=@E&23{YdXO>9ls6nolgOy_cDszBW<6tZvBo&(pwoxZwXTM)^)t9n>qAo zM~$8rNT>oiV2rT49(2;xjzvOdcE^)vlb}>$qOs-ew6=ZTMRgpZjZ=MShUTSpbbo3m zt5%!^CAl-~<0f)FidVJeR4>Zh;_fXlWVy&zvgaf0KBNEE@a40?#V8HaTN#0rMEolq z>waSRp}7K`B+lKl{MBmLdbvX?B0;g&9F+9g13P3SIzPv84tbey0FMpLj#y&@TlZte ztkb66vRF4uH@q;>3%XfyefE`hNa zN!0fIw}to2+aIeqXLQ9tgjMxauJz#90*@=TIJUgM&};qhFLnMDMr_p=7#NZF2hWT1 zvKIEVPNzdBS*JryVj*_j-I`Oi=Jc~D#_n)D`2?tL@z-u=#XOv1BTshSh??yB`55kE7tc)OnUw*5GBuS-=K zxjvc4$YsWM=5*v@n*=Sj+N}SCV^6rYbwlLmGQ{>*`i*z*&~Q*HeTsl+_akdpO03z& z=klyf6*(aar+0e)3AWhZ5i0Nv$A&u<9UKH*4;2imLf(+QZrj3 zT-{5g8@THCQF+8>StGlTXxgBAz|SLfqnksVvL{+oLTy=fO-i#i)7=bOB$0_Vj#^0d zcKWx*NON3s7eMo)+j+&C$8@xV13yq2e?0%L5`7+FVY8F z)T+ewN}ufUCSzB1F8@0opBu{~i-V-tkj7;~r1y%YU#2;zt@ZX_sDKvmFM5FSeGa2n zFUADUH=tzSXZK3l4#Rfnugbrlu*qgaUGLtF+3vK^q`SFJ59L{-?>Rg5mD!_b;}XR& zp534K2H9-|Yku_Db3KJ*Tpn(H8fVEM3FcOvtR}&$$8v=TRk?d>frT(0%Ib%E>pGz2 zpHbC3EK#}8K!4?=n3RMv;QUX$4rjTz;R^ZH;99)#_*^`KN)n60Wkq_rXsj3ejt^cB zPPpKUjpl5}#<(@S=-IrT=Sd3L#l{*K1eVi>d?RL$1o6U*beVXsYM$)mZ&+#W6@4Ee z3CIHMOtu`T<$!*t2k=rAJUdct=io|YHA>BWOPFVRot24C=}XgIt0 zj5s`c5%cSekhPtfSAx>8;^7&f-!^GcMzFP1+N8U_qc{(xdjyP)y-k4t48-f8gWr$r zvn57p)v3w^M8lEevgys-e0Cl`iW_wV)N<%Ig`6=_1DwyZ#)@Bc8AMH-Qk0N7l9`$) zV1_q_y~69l`yct)+*3{}%s=V1uz1YJuq6#a+{X41+Cd2Dh*vkCM* zK#xeWyhhiDJx+vNuIf8zMH9jC3Bebt;FL#z*8QN!na%mE-NS=?G&5YX@^{M>k0_3&C^GoHBOiOho^i?8Ti9!v4<9gPpbC`iGd&*|1(B>7#uPES4dZgQrLTpylX)g{Qj`z68<#@$7$wkgQM&oZM+T@#6Zg81awa zIH|)^Uqe71Y`E|EmxcfO(U}swL;$Gvo5b?>lK;N*1nIvv_(7|z#Rq{vCqg~)kjz(ERvM!v?F*hKT$q0(!}$M-lS zFwj<^Jhatz$I2v3>3K^d;`(i?q7hKP*?#QXor1=X7FX#tKY`V+uuhIHnn8KZ+G8<< zgn2UNP6)h~SB2X*QRx4k%10r{4_zFa{Y*)B9S`A3+X3tNRJw3Ah{HAgx^U{uHSYDSH{Z@vBYmB7 zqV(5pW5|7%_sW)LE5G(feg&fIpLhWpS0P7;xue(hHA{tU8K(IWobn4!D&r*ovhA7p zQov^Wl-94&u%l_dfL>0Mfw_&o^ALD`CN3MfaLz>nb`{Fe^nzgz<<<6nFRA-?+)A3P zhG^UE^Bf!ed#jmQyCCo7i=$KIGfqCtSy$rM)0y^zF(a{45r?x_pvVa7R}7x7p0B0! zHP*6Qi;uoJ;4{6}o+KyoF7iITSf|Txf61`D^*rUFhqrZac$zzm=s^_&0q%dc#R7U^5_Ro zW2fCDOl4I1a7skR0Llctu3xx5ANj~yA}BJ?Cmt*rbAm(K45d0#?_SPR0OIxx=>goN zY)z<7@2n%w}YH1|9eEub!39+8ZjG2-RUfW;#v>TRK zVXV=}@g~#qp4dCkrG}Ba&e1qtezCH(d_ZRZev z-tx%Mrh<62Vc=L9=q*>rCIjUKxEqCsP@@?X0Hk#}H2dL1zpRv0ajlcyY(me?cy7bU zo9>jpZcu;T>szO%ANbxsY>G!tU;($=<9#p*c!n>x#zNf5+ zS}%Je7r%ItsP#CZQj!buWk}&$#TjG1Euw$bw8P4lR~_7)?0sa zn4_)Sx_>s;(wvkLuhPpZac}ZCoL#2ecy*+|*%(V{A-DpKAe2gXh~;p3s(-4s@=ocd zP7sjrMmB+S&uXr-`)9pQ5Bd-qhYWm~5Lz;L;dbqu!G-CFI-PqxXsmP5xyWj@L$GwX zYsJul-)wgtOdsFOm&(ifmfO>1ciC`pxTP*mf@!A4nDD2{>2CA0VQM`eDi8Oyby5`_ z0|+sDU=3SyM_GlWjm$blqzZso-eYHP`Cw-9+eNJ!T8B&7VDO59E@ksmsoNo4IZ$4~ z?w-i$Cc5N5DVY{8xrrWR_&=XC1^8J%)1WG@8n;!_kfkT`xW2ye;F;ohovc&gXZvgH z|7-6%1<{F!UPcKMWsDL*MDGOAd+%)~QKR>6lpuQV z%#8oIH^1k1-TUTw_59yF^XhzN@3TK^@3qc4>wNcj?N#xmbIUtTESmhW$?WI^jIt;2 zgke%4oZXJi{gpGv;>((Hrebc0+pb3UB{b!wm*K_d3`rF6NO<+%V z!T77#au*0DBSq5cd>BEfz2Sr2dqFLuHS)D3T*vL))39Y0Yt~FIN&CU?Bh5x34R!;Z z4K5P-KU!zvQ|1q&1&i?29^3A0%AZQ`HJolkU%t#2JNr%0elLzWJ)B|e#Tsp#mGr5w z&IP=A^my74{kU1}xNES+KW|BEAsJw%m~7aW0wcdJ_!dD5qW44F7tdd%ND{tn{$*H< zw`#AV(8Y!(n09EO>?{28&M@UKWH+NjgYju)oe7OBo09KR0EWF=T|r8OT^R8+jVyPD8?pFVFq&Od zpvyJEqqA*aMmt2+l+2Pu)yiXgN`U;!RFlVl4b_tV1YXQMQyd|&7D|rWo*r&BAJ?mS znZ_eUtFk_9-1Z%wYdFaMejqS)MqE!NTowgIC&OZQg zwqGbawC2CytFk7`dif|LG?|p-4SvJBESAUQY`xPe52g}J`p5G3m$D&Q;uj$i&sX$b z-^KJ`R=;58=DRH6KQ(=WNF0UTdbMr1Hm6mj@ts0q*Si?8VVBVO1Tmh18ELz6SQ@(0 z9HN7=S(t2(PR(2CB+!CEhUi>K8Y9#^4n@IEygmA^zKeU$%-pxk8q7}2MJZHYy1!2%f1VGEc^@U<*oo%PZ7|zym|8|8IPnFR0h(iQ zY+RZ()}8Mq-H&R~FR)bL+_b%g6i|3|bjGvo5KoFctROwYOBOSO?K*QGa+&&in$oJ`N8?5g5!G% zjob&0w6>wdkm2y7_om{+kKj)SfLr73XMrR z%#-C}HJ4>9I6(9`Y~xM}ClYYa!W6MvEQ;B8j-)wI-V(%u`9LxQU8Uo~yRI8lBpzl2 zSidzRNvv*k55>wcp_~6=B!?u*`>J2&=d7}sb8P0vqCsu)FOqVFaT=-R+9o}cCK1YZ z+k-av~uv}R*m9diAB0=Dln{NX#n%+Tx?5zqfxfB23;XFUaTlA z2&`z`lf3ckfr;Qrh1DCttpF#D#MG*J(PYJ$ywGCN1|e3viAN+NDzjSTFAtTp_b0|$ zB{l#aZ=Cf}v;i3}3`8BOXX%400}aF0X(G_WB?QHkYEsHM&*d9Osd zl`SUNR(VsVhS{%G=r1F^QxR2B3i)$YVwUQOSaeA3vJb}Q@ za)&sSoy4YUcEV0u0UHBHjPjb8)9K;@DOIkEl=WZUg}71I z^0KraRTxLQ76y%ue6Cl@KEjAw-_-}|HmtPlJWa-xa(kGbugm!U;re7cxIF?@|4{1- zLk-B*i$NS^MV2yK(=09-9m0|-xNozo$CER-m0#H3(cR%16k3Sr4^C@YGkYeNy0ZcD z3+m$}zg;_mAH+0Y5g#8TD}#C1z^^GrRCv<*gNBhIgRqb&U7=_{3@6kh*C-pQ$BZR` z>%167bgCxDZV6pOgdmklNeagCrtJu>Y#v>s}UXJQ7f^YKg^f?{NIxO!-;ck0~C@h1* zpUgupp1bvjE^~N-=oL--fCzO{rxkuP+~y*v)5=z;C}`IS*!+^EgB6V}4BS%02X+`W zQ-IEgec{Q!ibcI(pPyZxEK!#y*VOXG&4(I;w`?4~XV$esI^N0>+Q);jKKZ%=pYjc;!=Z#}**H4^64BgV+-F>Gbx{k}aeudsFp-t}3Oii*NTGx5uD zmd?H5BYOkFRJH!5_~ht>E|CE|mTpnvSsum7p;&V3l@3xN=c@)MVVl0hJ9xn|thOr{ z^%qMC><};Mg?mI_MYa4dj&i(S{G8f6t=Of5!zAKR(|$q6hK$@ISEwaqq1S+U0eR9= zIUf|`YDit~n&_#|{WHqI22|EH38rGgvq~biHgwU98`vsX zo_{+Ij)gU~89&AFGAOiLw0+n`Xu@AhIK2PWNmQ{0@2bQuWfw>`yA!CissmjAW~pV( zDIMttJLaz1v_O|*Nd?RsWLq7KAEgU8eA2N9A;bar;3`;!oMw*7XjH9#zUNwGaCve1 zE{ogg*T)*9AKlKJw*;dFIe3ciD#QxI&8~NLd&#He_zoBSOmi}r#g+QfjZ-p14|G*_ z*m`V9BA8M}Gt&$ljK-Q#%b}l4>Ca}iufLlr>9glD2B8(BRq&9eWz|8+PfxyMidVxl zr#VT55>~YR-yotQejz$kB2)y2CkWCHn}k@6oTm7J z4a`Vu?B7=;f{ zDc*e}Pr_GUE2t%LC1`dTYjah4j%tsz*{R>Mks8rE%#d~w>G+Q;(Fc50w}NZGexbp$ zjkLC6E7IN%7VvJU&+jUfdmJnAI5K*5+!(H?l-)jTDP8^;bZlhwP#Jw%C@T98IL|sz zh-#uFyXi%4zp833zI8~o^$OJnSpjieR5Llse5?4#QFaFYfrM0BsosW#I!!=9CPWs( zuWz`yi(eYa{hV>{Bd%j()ZRIKdAA=n37adsV$0*YekCB$*=hhI*ar=ozsSLVL(aaT zgT++K(JQI+NV0$8Tnt}J(Y*I#*PaaHe;{BCU!&12uFjR|ga2yze|OKr?R?$u$8Eh{ ziCIoGogE(wUUu=4lHe=b!S%YH50bkM zcsc(I5xTasZ#*|cAEFJ3j6I1?+gaykbf1xyn0v{$+~U_ZbFm=IU{QBLo0{YS;kDYukH!ty!ovLGz@=oYonr>9xQg@ ztDrG`I#>O89I?J_y|KFM4V~Di%w@%NUFkI{=D)5fG={IhM+lp@R80UZ@OsO&HW;vPaIP#Oj2C7+Lu-^#28m0_tqaI=~)P4Oz_z}{QM`R`Yq&|D9al42=BlLM|P2M z^Kyr}wPZ9{y>~}UNWjC1_9+?yAGG#GlYtGC4drh=v2d`?nw_V;EDg8e=KIC|D4%8K za3^L8(;wTIoH{dW{n9E%b$6#dh0c=Xu<{VZ1Leyghk24l)n;7%SSS1d{-}&Ru5`E; zP(c!D&5{x2cb7VQAhrHo70CaR$3P4^Bjjc=iZfnuz4`WD1#=~3rA?4V6=%CDp?v}9_?T&mg$JL1%|4*{MI<#< z`CZDWS779As-z4I)xg;XFNl*_I1&iUzC9Eel`Wg($hPcTWzPcP#Kfql#AK71IjY@w-ty7!>| zXt>$3JL?RMf1`vj+{Zr+BXG~eR~S&gE z1`)M*c6B_LXexnq8LpeGB4Z`;_Cbz`xcnB|0yO_>7UsAd_&6=^WcIw1H?>Ufpom50 zwpaB@-UX)Fk6lVUXVUnliL~r@bo`**d#(ie#Dz`zAj+EUq1`JtS(8Pb=av+77fx6j zx`TA$yB-4335iKUHR{~bS&5|cMj9w`v%g%DZxXJR&R64cWbzrkC-L`8sL8gOHEv_DZ&_sm!7bwZ zhmVjHt-n56i1w#Gb^A2ZO2x-YFsJ3+Q5+!-McejO@ZX4{Gq=ZzB?S=i>b|cJ5TGKC ztO#>M)lAYN&X|EXAv;Fa+xb)V%zP3_s#o1J{33QUKUr*1VvgJOOSnBhW);bsS0!xZ z$v!k%S@QAUKDoaUQ+*k{viwcLmwERMu90lbcB?l=IwjoWuD)Q)>2S7Ds&^V|r3~?H zG|&MdkDy2iRhoAX5bt=%**gPt6o3CyM`}jpn(}+v_b26dK_Z#u(iR4Yh~Ze$VTxTD zUNxVb=tyBbE_GQr__$!Qwtd#ZVg{XemxPR3Vvsv*4HX6)NkT&vQu%)(v6-5$;`>I&` zvxu>1(k{%ECsi^Q=00hBY39?@8eeUFei~M4P~oxvNj$!egQz5;B7y#6AW09>fMP&B zX1~1yokoU+Kz#rzx2p0sML8SQ))sgW^rIF?}h5wQjOM(o=!ih3NiDB4N)KO{;#H**? zc;XsQE6lT_g^cjfUs8K%xVlq=IEMNKO=l&Bcin$AP*J|niyuP8GM#q{hbtsDlAaz2 zH{{N^Z7Dze>HJBF#zpV*U6fYr7`^%8yciM=OLEx$FN0NEm7&j2j5U;P`in??6Djxz zJU;QH^>gc%?kLz|7FZQ7PPO%NdM$aWv7b`;w8KemB~%Rup@~6k3ST%k=6r)q%UOBx zbaRsJq9utND=Fz#aZ{p<*;%*zAAPa!682hWwOeybQ=ctp!S^m(1kK_K_!+@T^%Hez7;U{bwtk8;>oMdf43Tib9txo{y zbYV5md3%Mc2-|=sq8NPv_a7LJUNBsCd^Dj1&bsjD#jfoqxV7j;c9zxD5t%M6vT~-&+d?&?)+W@XU zK2a>3HeBvv>HPu4c^)Eud|_-NIqlomvx+>&#PYvm$vb$GeH+bxt}9$~8SfCkv#SWG!4wk|b%1M z+p%3`N8QyyCX?cKYr`d<9fgX{g+aj^!%bRx;kgAD&!!C6I@To;<%`<)Jb>p?omAD`itb_U>(AO=sMkW z>LttkG%8Aj9G2Myv=*;*yEP7Lb(powQZ4l&I#aG?H~LY#O)n5=pu^N$>~9lZ@=lJC z4fZfHZ{AB|V)~U77Xf%8@bcb|+jGD>9D>EYTul{b_}hsWy|{6aX^Q- zW~rRAQ^D+HsRqgC-zkpId?^hBQSs8W5-9@aW1fe#PeQ(?4A*U1qU^j_#B)D9D-YS7 zEqZWKTf)+e)t^+0 z(SjSD^=tcn0yg)VxlKwkAiw>u=_wg)PO~vKDHAbW8K1sz7;;k zna|5gcCRrTormA%u?u4aM2Dh3E1OSxbI37`###2=O`w%8>hLfq3Y!{R?NmjKIBwj1 zsb-(MgtSERhSmT{r-}nMgtbGp>fMsmBVwJd5;gfedeq#`7X+kdr&^@l0K|5p$@@k+ zCo|5cBR{RN8iOOVd}T~PAs=1I!h^mtrrYBdsWclIc`*Dw+<@rJ)3@N^49sL>ESG4; ztI}f`vA}7k;-$mWXbchI@(^;ih|i_s^ZKxP1-u8&?5$;_)g3h6e!VQonDAMDejYNo z)%CrX03U}WTPL*0kzjv>X zMzc!fmao7P$|CFd{#f`H^OQBnEbdL-k$=(WGI*x~!TP~j6E(WSxoSq&{5e(&MS!|k zW0Puq+2LlwEao^^d#@`>SYnIBP~iR)L}d7h-68R+Pe!$w=wPRc+IvKmt#YYASV*UA zzuhUn=_eR|S3`x>dT6Xuj{t;EuUbq3{f)4JtyupfHmy|H7)kQ;`AL2Dq4{?`(0dW7dZNLb9<6w<-(Dff0?V)$IlZ!B&GSz!zSBEl ze*dx%b~19ZkwoWWmeYiu82!F?){BEP*+ z32~HVZ078X{dP@LYM<|;CM`F`@q9Guj2gg)dW8tYzp$xnT(ZzMfEdTh-)B$(Nll%>!$na+*+$| zXE~S4s(CC*jmY$+bDLbLjI z+SH zaeiNxDxu4KY({l>{JTkj2wemhi<$Xm?)r7VCN6ZMeW?=l=D(Xp0e|><+>3~~^)GN^ zuK_ItjLW*{_u(YJlb5ckKI&NL@dN$59+vat8enVFI&3dALhN%C4Qh#kf{DJwu zqN##H}bUJPm;FP&##(d_9An^TkKfay?E0pos)mFgs`MM`O z2hzq#RP*=L;g9uZK+ujeS?#f525qX_KuYw*cJ_huyLPFvjKIu1p`BNO1gANjsCja9h+odQ}szzcj?);tsO(Wc#FtX$wI z-G*>OWA%Cpistg4Js)59yt6_sb^hUiXL2RlZy~3I=hW!NaDVucklv^H%p_LtLhEVl zuztTTj>D;CS*^r-O^L%I4jasBjDYv^A%n{*Jx~RuV5b-6lhlg#kdw9H0j{-K@B;kZ zQy_c-_EL!D)Slpang7ocG7!1@CfqtsA64q3U0*gzD@}`CZyfYK@V8E5!{>z$plo!2 zQ%5U>6xz@UKy8k4zH73ZqGPO|bxTJ7EM+*D3bAVAsA!{aIG zEz)S0_;F4gzsC5|?!{Cfe4gf3XgE-xN4QB}%zR-LvZ2^aIm#@*%nGkR>5``mVW51`F=jHGF(c1tnR!qWS|OGzxyLN(^HjB zyaq)RuDx=>u?q#g;H?w6U-Rg;zm%&=U86)yW8@F)(^;C$e=Z@DFVFWghylpm-R%sR z4}FcQlBNY#UkTt?Xsvozii4EXG-0NyNXLOWdf060#*T^bW3O{WchO}$e3j)$EJE#u zN`hd3cYYpY8y`hQlN)Q1KM6PKba|J|WI74A>|qgk`gQLd^1P}yv***2G)+V~^rk#> zgtijY^(26O6$W9j^36obOKKXMT=OgMM`Pkmj!Q}I`zB<3|5f?*l3tnkuH8C*Z3AaY zE)i@V_OJnIs(DK}l$zAmJ9$HqivcBY%7%mO{K{Q$ogkw6L~efW*-=ZOePEJ_D8F-N zgSV+S;8|hv6^ke8<4y4yi0pl31(QQ{16r|=I<2QYtZF3<>$y1o$oN1P&vorsGaw=t z71XCBe8Ua_3z^st?~h70STX(GJkifmK3+`hMq6*lUk>6w(`eHGsE02V(tidyJ4X*MQB%3p=A5!h8#rl7*gV4g*g^CMqty!kZOJ#Ki+mj zHij@vKaU4GDt$LbP_Muo!rkyM6+3R-wFlD1s)8Kg2hk_#o3yKGa}}}#tyQqRdSZPkf?)DQGTIi@$Y2*c|SrKhGlk`S))J{iAY-=VlAh)!vuxS3U9 zw5Xte$L2+7*vP}1?w*G-NK2iND-f79;JugZN=hgWTY~qH2jofASq{`2(9q<3);$G1 zct&|EMKsmpP0zRyCFw*M?G}{cP)=RqhL(xgaL6hg7e(+^8&tyk*3VYdAhamg`cH=9 z;J{NtEidb&#Z zv+9QZ`2f7INv7-sp<{(#ZafA!F$n-!(5RB~)VrHEe0zp{>)1(}>iJEZ`NYVOM=3MK e_kY=WPc4&*iwk%2?#UnM-wQca*%Im3e*Xh2hKara literal 0 HcmV?d00001 From 57f9050a091c37755040b662277295766c4420a5 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Mon, 17 Sep 2018 08:27:08 -0600 Subject: [PATCH 09/19] Update accessing-vulnerability-data-in-ucp.md Made all of @ddeyo 's changes except for the license question. --- .../accessing-vulnerability-data-in-ucp.md | 25 +++++++++++-------- 1 file changed, 14 insertions(+), 11 deletions(-) diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md index a81ac5a311..4fb02dae11 100644 --- a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -4,25 +4,28 @@ description: Learn how to access the vulnerability data from DTR in UCP keywords: ucp, security, vulnerability, scanning, data, dtr, image --- -This feature displays image vulnerability data from DTR in the UCP web UI. If an image has a vulnerability detected by DTR's image scanning feature, we will show the number of known vulnerabilities in the UCP web UI everywhere that image is shown (e.g. the image list page, on the service details page for any Swarm services that use that image, etc.). +As of EE 2.1, UCP displays image vulnerability data from DTR. If DTR's image scanning feature detects a vulnerability +in a Docker image, the image's known vulnerabilities count now appears in the UCP web UI. Limitations -* This feature will only work with DTRs that have UCP single sign-on enabled. -* We do not show vulnerabilities on Kubernetes deployments or daemonsets: they only appear for containers, Swarm services, pods, and images. +* This feature will only work with DTRs that have UCP single sign-on enabled +* UCP only displays vulnerabilities for containers, Swarm services, pods, and images Requirements -* You must have an advanced license to use this feature. -* DTR must be version 2.6.0 or higher. +* An EE advanced license +* DTR version 2.6.0 or higher -To access vulnerability data on UCP, run the following steps: +To access vulnerability data on UCP, complete the following steps: -1. Deploy UCP -2. Deploy DTR on the same UCP cluster +1. (Deploy UCP)[https://docs.docker.com/ee/ucp/admin/install/] +2. (Deploy DTR on the same UCP cluster)[https://docs.docker.com/ee/dtr/admin/install/] 3. (Enable single-sign on DTR)[/datacenter/dtr/2.4/guides/admin/configure/enable-single-sign-on.md] -3. Upload an advanced license in UCP -4. Push some images to DTR and scan them -5. The UCP web UI will display image vulnerabilities +3. (Upload an advanced license in UCP)[https://docs.docker.com/ee/ucp/admin/configure/license-your-installation/] +4. (Push some images to DTR)[https://docs.docker.com/datacenter/dtr/2.1/guides/repos-and-images/push-an-image/] +5. (Scan the images)[https://docs.docker.com/datacenter/dtr/2.2/guides/user/manage-images/scan-images-for-vulnerabilities/] + +The UCP web UI will display image vulnerabilities ![example of vulnerability information in UCP](/images/example-of-vuln-data-in-ucp.png) From ae5e1f0e6c0ae644d04e473f70ffb6976cb0cf74 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Mon, 17 Sep 2018 08:31:03 -0600 Subject: [PATCH 10/19] Update accessing-vulnerability-data-in-ucp.md Trying to fix graphic path. --- ee/ucp/admin/accessing-vulnerability-data-in-ucp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md index 4fb02dae11..6fc1007a55 100644 --- a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -28,4 +28,4 @@ To access vulnerability data on UCP, complete the following steps: The UCP web UI will display image vulnerabilities -![example of vulnerability information in UCP](/images/example-of-vuln-data-in-ucp.png) +![example of vulnerability information in UCP](../images/example-of-vuln-data-in-ucp.png) From 140a5fc96eed994c8cd3b9edf1a7f082f32660d9 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 18 Sep 2018 21:15:14 -0600 Subject: [PATCH 11/19] Update accessing-vulnerability-data-in-ucp.md fixed hyperlinks per @bermudezmt --- ee/ucp/admin/accessing-vulnerability-data-in-ucp.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md index 6fc1007a55..770151765d 100644 --- a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -19,12 +19,12 @@ Requirements To access vulnerability data on UCP, complete the following steps: -1. (Deploy UCP)[https://docs.docker.com/ee/ucp/admin/install/] -2. (Deploy DTR on the same UCP cluster)[https://docs.docker.com/ee/dtr/admin/install/] -3. (Enable single-sign on DTR)[/datacenter/dtr/2.4/guides/admin/configure/enable-single-sign-on.md] -3. (Upload an advanced license in UCP)[https://docs.docker.com/ee/ucp/admin/configure/license-your-installation/] -4. (Push some images to DTR)[https://docs.docker.com/datacenter/dtr/2.1/guides/repos-and-images/push-an-image/] -5. (Scan the images)[https://docs.docker.com/datacenter/dtr/2.2/guides/user/manage-images/scan-images-for-vulnerabilities/] +1. [Deploy UCP](https://docs.docker.com/ee/ucp/admin/install/) +2. [Deploy DTR on the same UCP cluster](https://docs.docker.com/ee/dtr/admin/install/) +3. [Enable single-sign on DTR](/datacenter/dtr/2.4/guides/admin/configure/enable-single-sign-on.md) +3. [Upload an advanced license in UCP](https://docs.docker.com/ee/ucp/admin/configure/license-your-installation/) +4. [Push some images to DTR](https://docs.docker.com/datacenter/dtr/2.1/guides/repos-and-images/push-an-image/) +5. [Scan the images](https://docs.docker.com/datacenter/dtr/2.2/guides/user/manage-images/scan-images-for-vulnerabilities/) The UCP web UI will display image vulnerabilities From 567fee7352ecb2f40be9f1f0c6a9f91e8b90c63b Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Tue, 18 Sep 2018 21:16:18 -0600 Subject: [PATCH 12/19] Update accessing-vulnerability-data-in-ucp.md --- ee/ucp/admin/accessing-vulnerability-data-in-ucp.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md index 770151765d..2b3926367a 100644 --- a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md +++ b/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md @@ -4,8 +4,7 @@ description: Learn how to access the vulnerability data from DTR in UCP keywords: ucp, security, vulnerability, scanning, data, dtr, image --- -As of EE 2.1, UCP displays image vulnerability data from DTR. If DTR's image scanning feature detects a vulnerability -in a Docker image, the image's known vulnerabilities count now appears in the UCP web UI. +As of EE 2.1, UCP displays image vulnerability count data from the DTR image scanning feature. Limitations From 277bbf2fff7d4db4f765afd82f6d87e23bf5b59a Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Tue, 18 Sep 2018 21:22:27 -0600 Subject: [PATCH 13/19] Added /ee/ucp/admin/accessing-vulnerability-data-in-ucp.md --- _data/toc.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/_data/toc.yaml b/_data/toc.yaml index 83621b755b..4c5dde7e46 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -1612,6 +1612,8 @@ manuals: title: Troubleshoot with logs - path: /ee/ucp/admin/monitor-and-troubleshoot/troubleshoot-configurations/ title: Troubleshoot configurations + - path: /ee/ucp/admin/accessing-vulnerability-data-in-ucp.md + title: Monitoring vulnerability data in UCP - path: /ee/ucp/admin/backups-and-disaster-recovery/ title: Backups and disaster recovery - title: CLI reference From f416ba1ff3032eb1242f8128f520137e236a67a6 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Tue, 18 Sep 2018 21:29:00 -0600 Subject: [PATCH 14/19] Fixed TOC --- _data/toc.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_data/toc.yaml b/_data/toc.yaml index 4c5dde7e46..842a998fd6 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -1612,7 +1612,7 @@ manuals: title: Troubleshoot with logs - path: /ee/ucp/admin/monitor-and-troubleshoot/troubleshoot-configurations/ title: Troubleshoot configurations - - path: /ee/ucp/admin/accessing-vulnerability-data-in-ucp.md + - path: /ee/ucp/admin/accessing-vulnerability-data-in-ucp/ title: Monitoring vulnerability data in UCP - path: /ee/ucp/admin/backups-and-disaster-recovery/ title: Backups and disaster recovery From b6265c2d09aa462c1ba052f6a5a66295cd5fe83e Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Tue, 18 Sep 2018 21:33:34 -0600 Subject: [PATCH 15/19] Fixed TOC link and moved the file. --- _data/toc.yaml | 4 ++-- .../accessing-vulnerability-data-in-ucp.md | 0 2 files changed, 2 insertions(+), 2 deletions(-) rename ee/ucp/admin/{ => monitor-and-troubleshoot}/accessing-vulnerability-data-in-ucp.md (100%) diff --git a/_data/toc.yaml b/_data/toc.yaml index 842a998fd6..b28e2911c3 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -1606,14 +1606,14 @@ manuals: section: - path: /ee/ucp/admin/monitor-and-troubleshoot/ title: Monitor the cluster status + - path: /ee/ucp/admin/monitor-and-troubleshoot/accessing-vulnerability-data-in-ucp/ + title: Monitoring vulnerability data in UCP - path: /ee/ucp/admin/monitor-and-troubleshoot/troubleshoot-node-messages/ title: Troubleshoot node messages - path: /ee/ucp/admin/monitor-and-troubleshoot/troubleshoot-with-logs/ title: Troubleshoot with logs - path: /ee/ucp/admin/monitor-and-troubleshoot/troubleshoot-configurations/ title: Troubleshoot configurations - - path: /ee/ucp/admin/accessing-vulnerability-data-in-ucp/ - title: Monitoring vulnerability data in UCP - path: /ee/ucp/admin/backups-and-disaster-recovery/ title: Backups and disaster recovery - title: CLI reference diff --git a/ee/ucp/admin/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/monitor-and-troubleshoot/accessing-vulnerability-data-in-ucp.md similarity index 100% rename from ee/ucp/admin/accessing-vulnerability-data-in-ucp.md rename to ee/ucp/admin/monitor-and-troubleshoot/accessing-vulnerability-data-in-ucp.md From 6297ab43142a6302a4a331c3dbeecdf461c2f75b Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Thu, 20 Sep 2018 08:32:38 -0600 Subject: [PATCH 16/19] Moved the vulnerability data inside monitoring and configuration index, and removed the TOC entry. --- _data/toc.yaml | 2 -- .../accessing-vulnerability-data-in-ucp.md | 30 ------------------- .../admin/monitor-and-troubleshoot/index.md | 11 +++++++ 3 files changed, 11 insertions(+), 32 deletions(-) delete mode 100644 ee/ucp/admin/monitor-and-troubleshoot/accessing-vulnerability-data-in-ucp.md diff --git a/_data/toc.yaml b/_data/toc.yaml index b28e2911c3..83621b755b 100644 --- a/_data/toc.yaml +++ b/_data/toc.yaml @@ -1606,8 +1606,6 @@ manuals: section: - path: /ee/ucp/admin/monitor-and-troubleshoot/ title: Monitor the cluster status - - path: /ee/ucp/admin/monitor-and-troubleshoot/accessing-vulnerability-data-in-ucp/ - title: Monitoring vulnerability data in UCP - path: /ee/ucp/admin/monitor-and-troubleshoot/troubleshoot-node-messages/ title: Troubleshoot node messages - path: /ee/ucp/admin/monitor-and-troubleshoot/troubleshoot-with-logs/ diff --git a/ee/ucp/admin/monitor-and-troubleshoot/accessing-vulnerability-data-in-ucp.md b/ee/ucp/admin/monitor-and-troubleshoot/accessing-vulnerability-data-in-ucp.md deleted file mode 100644 index 2b3926367a..0000000000 --- a/ee/ucp/admin/monitor-and-troubleshoot/accessing-vulnerability-data-in-ucp.md +++ /dev/null @@ -1,30 +0,0 @@ ---- -title: Accessing vulnerability data in UCP -description: Learn how to access the vulnerability data from DTR in UCP -keywords: ucp, security, vulnerability, scanning, data, dtr, image ---- - -As of EE 2.1, UCP displays image vulnerability count data from the DTR image scanning feature. - -Limitations - -* This feature will only work with DTRs that have UCP single sign-on enabled -* UCP only displays vulnerabilities for containers, Swarm services, pods, and images - -Requirements - -* An EE advanced license -* DTR version 2.6.0 or higher - -To access vulnerability data on UCP, complete the following steps: - -1. [Deploy UCP](https://docs.docker.com/ee/ucp/admin/install/) -2. [Deploy DTR on the same UCP cluster](https://docs.docker.com/ee/dtr/admin/install/) -3. [Enable single-sign on DTR](/datacenter/dtr/2.4/guides/admin/configure/enable-single-sign-on.md) -3. [Upload an advanced license in UCP](https://docs.docker.com/ee/ucp/admin/configure/license-your-installation/) -4. [Push some images to DTR](https://docs.docker.com/datacenter/dtr/2.1/guides/repos-and-images/push-an-image/) -5. [Scan the images](https://docs.docker.com/datacenter/dtr/2.2/guides/user/manage-images/scan-images-for-vulnerabilities/) - -The UCP web UI will display image vulnerabilities - -![example of vulnerability information in UCP](../images/example-of-vuln-data-in-ucp.png) diff --git a/ee/ucp/admin/monitor-and-troubleshoot/index.md b/ee/ucp/admin/monitor-and-troubleshoot/index.md index 15cb2baa91..34e2f9cc68 100644 --- a/ee/ucp/admin/monitor-and-troubleshoot/index.md +++ b/ee/ucp/admin/monitor-and-troubleshoot/index.md @@ -60,6 +60,17 @@ URL of a manager node, and not a load balancer. In addition, please be aware tha pinging the endpoint with HEAD will result in a 404 error code. It is better to use GET instead. +## Monitoring automation + +For those implementations with an EE advanced license, UCP displays image +vulnerability count data from the DTR image scanning feature. UCP displays +vulnerability counts for containers, Swarm services, pods, and images. + +To enable this feature, the DTR 2.6.0 or higher implementation needs to have +UCP single sign-on enabled. + +![example of vulnerability information in UCP](./ee/ucp/images/example-of-vuln-data-in-ucp.png) + ## Where to go next - [Troubleshoot with logs](troubleshoot-with-logs.md) From 3803c9b593fb7d6f089f605d41fd0477d58adf18 Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Thu, 20 Sep 2018 08:34:28 -0600 Subject: [PATCH 17/19] trying to fix image path. --- ee/ucp/admin/monitor-and-troubleshoot/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/admin/monitor-and-troubleshoot/index.md b/ee/ucp/admin/monitor-and-troubleshoot/index.md index 34e2f9cc68..afef83c2bf 100644 --- a/ee/ucp/admin/monitor-and-troubleshoot/index.md +++ b/ee/ucp/admin/monitor-and-troubleshoot/index.md @@ -69,7 +69,7 @@ vulnerability counts for containers, Swarm services, pods, and images. To enable this feature, the DTR 2.6.0 or higher implementation needs to have UCP single sign-on enabled. -![example of vulnerability information in UCP](./ee/ucp/images/example-of-vuln-data-in-ucp.png) +![example of vulnerability information in UCP](/ee/ucp/images/example-of-vuln-data-in-ucp.png) ## Where to go next From 51f9a00851ad71ce0bf2ebe5a4b3e66df62e8b3e Mon Sep 17 00:00:00 2001 From: Anne Henmi Date: Thu, 20 Sep 2018 08:35:42 -0600 Subject: [PATCH 18/19] Trying again --- ee/ucp/admin/monitor-and-troubleshoot/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ee/ucp/admin/monitor-and-troubleshoot/index.md b/ee/ucp/admin/monitor-and-troubleshoot/index.md index afef83c2bf..a972850ee5 100644 --- a/ee/ucp/admin/monitor-and-troubleshoot/index.md +++ b/ee/ucp/admin/monitor-and-troubleshoot/index.md @@ -69,7 +69,7 @@ vulnerability counts for containers, Swarm services, pods, and images. To enable this feature, the DTR 2.6.0 or higher implementation needs to have UCP single sign-on enabled. -![example of vulnerability information in UCP](/ee/ucp/images/example-of-vuln-data-in-ucp.png) +![example of vulnerability information in UCP](../../images/example-of-vuln-data-in-ucp.png) ## Where to go next From f56dd1f89a1e4f6d1a4450e45b2d928fc3855683 Mon Sep 17 00:00:00 2001 From: Anne Henmi <41210220+ahh-docker@users.noreply.github.com> Date: Thu, 20 Sep 2018 22:10:35 -0600 Subject: [PATCH 19/19] Update index.md incorporated @JustinINevill's feedback --- ee/ucp/admin/monitor-and-troubleshoot/index.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/ee/ucp/admin/monitor-and-troubleshoot/index.md b/ee/ucp/admin/monitor-and-troubleshoot/index.md index a972850ee5..cfc1ff3b85 100644 --- a/ee/ucp/admin/monitor-and-troubleshoot/index.md +++ b/ee/ucp/admin/monitor-and-troubleshoot/index.md @@ -60,14 +60,13 @@ URL of a manager node, and not a load balancer. In addition, please be aware tha pinging the endpoint with HEAD will result in a 404 error code. It is better to use GET instead. -## Monitoring automation +## Monitoring vulnerability counts -For those implementations with an EE advanced license, UCP displays image +For those implementations with an EE Advanced subscription, UCP displays image vulnerability count data from the DTR image scanning feature. UCP displays vulnerability counts for containers, Swarm services, pods, and images. -To enable this feature, the DTR 2.6.0 or higher implementation needs to have -UCP single sign-on enabled. +To enable this feature, DTR 2.6 is required and single sign-on with UCP must be enabled. ![example of vulnerability information in UCP](../../images/example-of-vuln-data-in-ucp.png)